Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
Typeapk
Namespacealpine
Nameqemu
Version5.1.0-r1
Qualifiers
arch armv7
distroversion v3.23
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.2.0-r0
Latest_non_vulnerable_version8.0.2-r1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1hex-9ksd-wyd3
vulnerability_id VCID-1hex-9ksd-wyd3
summary QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25085
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.29906
published_at 2026-06-04T12:55:00Z
1
value 0.00116
scoring_system epss
scoring_elements 0.29974
published_at 2026-06-05T12:55:00Z
2
value 0.00116
scoring_system epss
scoring_elements 0.29936
published_at 2026-06-06T12:55:00Z
3
value 0.00116
scoring_system epss
scoring_elements 0.29905
published_at 2026-06-07T12:55:00Z
4
value 0.00126
scoring_system epss
scoring_elements 0.31381
published_at 2026-06-09T12:55:00Z
5
value 0.00126
scoring_system epss
scoring_elements 0.31357
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25085
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1879671
reference_id 1879671
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1879671
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540
reference_id 970540
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-25085
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hex-9ksd-wyd3
1
url VCID-336h-uj7r-d7cb
vulnerability_id VCID-336h-uj7r-d7cb
summary In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16092
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11849
published_at 2026-06-04T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11935
published_at 2026-06-05T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.1193
published_at 2026-06-06T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11892
published_at 2026-06-07T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.1181
published_at 2026-06-08T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.1182
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16092
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860283
reference_id 1860283
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860283
8
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
9
reference_url https://access.redhat.com/errata/RHSA-2020:5111
reference_id RHSA-2020:5111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5111
10
reference_url https://access.redhat.com/errata/RHSA-2021:0346
reference_id RHSA-2021:0346
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0346
11
reference_url https://access.redhat.com/errata/RHSA-2021:0347
reference_id RHSA-2021:0347
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0347
12
reference_url https://access.redhat.com/errata/RHSA-2021:0459
reference_id RHSA-2021:0459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0459
13
reference_url https://access.redhat.com/errata/RHSA-2021:0934
reference_id RHSA-2021:0934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0934
14
reference_url https://access.redhat.com/errata/RHSA-2021:1762
reference_id RHSA-2021:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1762
15
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-16092
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-336h-uj7r-d7cb
2
url VCID-crb3-9929-5ycz
vulnerability_id VCID-crb3-9929-5ycz
summary A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-17380
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.36956
published_at 2026-06-04T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.37047
published_at 2026-06-05T12:55:00Z
2
value 0.00163
scoring_system epss
scoring_elements 0.37053
published_at 2026-06-06T12:55:00Z
3
value 0.00163
scoring_system epss
scoring_elements 0.37021
published_at 2026-06-07T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.38978
published_at 2026-06-09T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.38967
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-17380
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1862167
reference_id 1862167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1862167
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937
reference_id 970937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-17380
risk_score 2.5
exploitability 0.5
weighted_severity 5.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crb3-9929-5ycz
3
url VCID-d49u-murd-q3c5
vulnerability_id VCID-d49u-murd-q3c5
summary QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25084
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11342
published_at 2026-06-04T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.1143
published_at 2026-06-05T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11427
published_at 2026-06-06T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.1139
published_at 2026-06-07T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.11311
published_at 2026-06-08T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.11327
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25084
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1879652
reference_id 1879652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1879652
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539
reference_id 970539
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-25084
risk_score 1.4
exploitability 0.5
weighted_severity 2.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d49u-murd-q3c5
4
url VCID-f81q-3ajm-hffn
vulnerability_id VCID-f81q-3ajm-hffn
summary hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25624
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10437
published_at 2026-06-04T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10479
published_at 2026-06-05T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10497
published_at 2026-06-06T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10458
published_at 2026-06-07T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10374
published_at 2026-06-08T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10397
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25624
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1879801
reference_id 1879801
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1879801
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541
reference_id 970541
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-25624
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f81q-3ajm-hffn
5
url VCID-fsp9-fm4z-rya8
vulnerability_id VCID-fsp9-fm4z-rya8
summary In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13361
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23704
published_at 2026-06-04T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23799
published_at 2026-06-05T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23784
published_at 2026-06-06T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23738
published_at 2026-06-07T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23684
published_at 2026-06-08T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23689
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13361
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1840980
reference_id 1840980
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1840980
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888
reference_id 961888
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888
11
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
12
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
13
reference_url https://usn.ubuntu.com/4467-2/
reference_id USN-4467-2
reference_type
scores
url https://usn.ubuntu.com/4467-2/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-13361
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fsp9-fm4z-rya8
6
url VCID-g2fg-dvgw-dyc9
vulnerability_id VCID-g2fg-dvgw-dyc9
summary An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14364
reference_id
reference_type
scores
0
value 0.11436
scoring_system epss
scoring_elements 0.93737
published_at 2026-06-07T12:55:00Z
1
value 0.11436
scoring_system epss
scoring_elements 0.93736
published_at 2026-06-08T12:55:00Z
2
value 0.11436
scoring_system epss
scoring_elements 0.93743
published_at 2026-06-09T12:55:00Z
3
value 0.12946
scoring_system epss
scoring_elements 0.94206
published_at 2026-06-05T12:55:00Z
4
value 0.12946
scoring_system epss
scoring_elements 0.94198
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14364
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1869201
reference_id 1869201
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1869201
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947
reference_id 968947
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947
9
reference_url https://security.gentoo.org/glsa/202009-14
reference_id GLSA-202009-14
reference_type
scores
url https://security.gentoo.org/glsa/202009-14
10
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
11
reference_url https://access.redhat.com/errata/RHSA-2020:4047
reference_id RHSA-2020:4047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4047
12
reference_url https://access.redhat.com/errata/RHSA-2020:4048
reference_id RHSA-2020:4048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4048
13
reference_url https://access.redhat.com/errata/RHSA-2020:4049
reference_id RHSA-2020:4049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4049
14
reference_url https://access.redhat.com/errata/RHSA-2020:4050
reference_id RHSA-2020:4050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4050
15
reference_url https://access.redhat.com/errata/RHSA-2020:4051
reference_id RHSA-2020:4051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4051
16
reference_url https://access.redhat.com/errata/RHSA-2020:4052
reference_id RHSA-2020:4052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4052
17
reference_url https://access.redhat.com/errata/RHSA-2020:4053
reference_id RHSA-2020:4053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4053
18
reference_url https://access.redhat.com/errata/RHSA-2020:4054
reference_id RHSA-2020:4054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4054
19
reference_url https://access.redhat.com/errata/RHSA-2020:4055
reference_id RHSA-2020:4055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4055
20
reference_url https://access.redhat.com/errata/RHSA-2020:4056
reference_id RHSA-2020:4056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4056
21
reference_url https://access.redhat.com/errata/RHSA-2020:4058
reference_id RHSA-2020:4058
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4058
22
reference_url https://access.redhat.com/errata/RHSA-2020:4059
reference_id RHSA-2020:4059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4059
23
reference_url https://access.redhat.com/errata/RHSA-2020:4078
reference_id RHSA-2020:4078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4078
24
reference_url https://access.redhat.com/errata/RHSA-2020:4079
reference_id RHSA-2020:4079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4079
25
reference_url https://access.redhat.com/errata/RHSA-2020:4111
reference_id RHSA-2020:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4111
26
reference_url https://access.redhat.com/errata/RHSA-2020:4115
reference_id RHSA-2020:4115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4115
27
reference_url https://access.redhat.com/errata/RHSA-2020:4162
reference_id RHSA-2020:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4162
28
reference_url https://access.redhat.com/errata/RHSA-2020:4167
reference_id RHSA-2020:4167
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4167
29
reference_url https://access.redhat.com/errata/RHSA-2020:4172
reference_id RHSA-2020:4172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4172
30
reference_url https://access.redhat.com/errata/RHSA-2020:4176
reference_id RHSA-2020:4176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4176
31
reference_url https://access.redhat.com/errata/RHSA-2020:4290
reference_id RHSA-2020:4290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4290
32
reference_url https://access.redhat.com/errata/RHSA-2020:4291
reference_id RHSA-2020:4291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4291
33
reference_url https://usn.ubuntu.com/4467-2/
reference_id USN-4467-2
reference_type
scores
url https://usn.ubuntu.com/4467-2/
34
reference_url https://usn.ubuntu.com/4511-1/
reference_id USN-4511-1
reference_type
scores
url https://usn.ubuntu.com/4511-1/
35
reference_url https://xenbits.xen.org/xsa/advisory-335.html
reference_id XSA-335
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-335.html
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-14364, XSA-335
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2fg-dvgw-dyc9
7
url VCID-p41y-wz4b-mqfy
vulnerability_id VCID-p41y-wz4b-mqfy
summary hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25625
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.34757
published_at 2026-06-04T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.34853
published_at 2026-06-05T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.3487
published_at 2026-06-06T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.34834
published_at 2026-06-07T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.34797
published_at 2026-06-08T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.34819
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25625
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1879808
reference_id 1879808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1879808
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542
reference_id 970542
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-25625
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p41y-wz4b-mqfy
8
url VCID-s3nr-hmx3-5kcj
vulnerability_id VCID-s3nr-hmx3-5kcj
summary hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28916
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14817
published_at 2026-06-04T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14902
published_at 2026-06-05T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.14899
published_at 2026-06-06T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14858
published_at 2026-06-07T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14775
published_at 2026-06-08T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14797
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28916
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903064
reference_id 1903064
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903064
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388
reference_id 976388
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388
6
reference_url https://access.redhat.com/errata/RHSA-2021:1762
reference_id RHSA-2021:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1762
7
reference_url https://usn.ubuntu.com/4725-1/
reference_id USN-4725-1
reference_type
scores
url https://usn.ubuntu.com/4725-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-28916
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3nr-hmx3-5kcj
9
url VCID-tw4d-2afr-y3gk
vulnerability_id VCID-tw4d-2afr-y3gk
summary In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13362
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23704
published_at 2026-06-04T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23799
published_at 2026-06-05T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23784
published_at 2026-06-06T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23738
published_at 2026-06-07T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23684
published_at 2026-06-08T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23689
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13362
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1840999
reference_id 1840999
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1840999
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887
reference_id 961887
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887
11
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
12
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
13
reference_url https://usn.ubuntu.com/4467-2/
reference_id USN-4467-2
reference_type
scores
url https://usn.ubuntu.com/4467-2/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-13362
risk_score 1.4
exploitability 0.5
weighted_severity 2.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tw4d-2afr-y3gk
10
url VCID-u25j-m76d-byhq
vulnerability_id VCID-u25j-m76d-byhq
summary hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15863
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.3148
published_at 2026-06-04T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.31547
published_at 2026-06-05T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.31512
published_at 2026-06-06T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.31475
published_at 2026-06-07T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.31443
published_at 2026-06-08T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.31468
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15863
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1853725
reference_id 1853725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1853725
8
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
9
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-15863
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u25j-m76d-byhq
11
url VCID-u5t5-kt4s-3uam
vulnerability_id VCID-u5t5-kt4s-3uam
summary fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25741.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25741
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39636
published_at 2026-06-04T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.39722
published_at 2026-06-05T12:55:00Z
2
value 0.00182
scoring_system epss
scoring_elements 0.39726
published_at 2026-06-06T12:55:00Z
3
value 0.00182
scoring_system epss
scoring_elements 0.39699
published_at 2026-06-07T12:55:00Z
4
value 0.00182
scoring_system epss
scoring_elements 0.39671
published_at 2026-06-08T12:55:00Z
5
value 0.00182
scoring_system epss
scoring_elements 0.39688
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25741
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1881401
reference_id 1881401
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1881401
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970939
reference_id 970939
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970939
fixed_packages
0
url pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/qemu@5.1.0-r1?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community
aliases CVE-2020-25741
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5t5-kt4s-3uam
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.1.0-r1%3Farch=armv7&distroversion=v3.23&reponame=community