Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/421888?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "type": "apk", "namespace": "alpine", "name": "bind", "version": "9.16.6-r0", "qualifiers": { "arch": "riscv64", "distroversion": "edge", "reponame": "main" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "9.16.11-r2", "latest_non_vulnerable_version": "9.20.23-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60193?format=api", "vulnerability_id": "VCID-2eep-k33x-wqaw", "summary": "In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8623.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18318", "scoring_system": "epss", "scoring_elements": "0.95338", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.18318", "scoring_system": "epss", "scoring_elements": "0.95345", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.18318", "scoring_system": "epss", "scoring_elements": "0.95354", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.18318", "scoring_system": "epss", "scoring_elements": "0.95348", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.18318", "scoring_system": "epss", "scoring_elements": "0.9535", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869477", "reference_id": "1869477", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869477" }, { "reference_url": "https://security.gentoo.org/glsa/202008-19", "reference_id": "GLSA-202008-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4500", "reference_id": "RHSA-2020:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4992", "reference_id": "RHSA-2020:4992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5011", "reference_id": "RHSA-2020:5011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5203", "reference_id": "RHSA-2020:5203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5203" }, { "reference_url": "https://usn.ubuntu.com/4468-1/", "reference_id": "USN-4468-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2020-8623" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2eep-k33x-wqaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60196?format=api", "vulnerability_id": "VCID-4rdc-dpb9-t3gp", "summary": "In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.82243", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.82271", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.82272", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.82273", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.82267", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01632", "scoring_system": "epss", "scoring_elements": "0.8228", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869480", "reference_id": "1869480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869480" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966497", "reference_id": "966497", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966497" }, { "reference_url": "https://security.gentoo.org/glsa/202008-19", "reference_id": "GLSA-202008-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4500", "reference_id": "RHSA-2020:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5011", "reference_id": "RHSA-2020:5011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5203", "reference_id": "RHSA-2020:5203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5203" }, { "reference_url": "https://usn.ubuntu.com/4468-1/", "reference_id": "USN-4468-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2020-8624" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rdc-dpb9-t3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60186?format=api", "vulnerability_id": "VCID-dtc1-c3gp-nqa3", "summary": "In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8621.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8621.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04879", "scoring_system": "epss", "scoring_elements": "0.89751", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04879", "scoring_system": "epss", "scoring_elements": "0.89766", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04879", "scoring_system": "epss", "scoring_elements": "0.89783", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.04879", "scoring_system": "epss", "scoring_elements": "0.89769", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04879", "scoring_system": "epss", "scoring_elements": "0.89768", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869471", "reference_id": "1869471", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869471" }, { "reference_url": "https://security.gentoo.org/glsa/202008-19", "reference_id": "GLSA-202008-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-19" }, { "reference_url": "https://usn.ubuntu.com/4468-1/", "reference_id": "USN-4468-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2020-8621" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtc1-c3gp-nqa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60190?format=api", "vulnerability_id": "VCID-sqzf-35k2-87f6", "summary": "In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8622.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8622.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85968", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.8599", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85993", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85989", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85978", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85992", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869473", "reference_id": "1869473", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869473" }, { "reference_url": "https://security.gentoo.org/glsa/202008-19", "reference_id": "GLSA-202008-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4183", "reference_id": "RHSA-2020:4183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4500", "reference_id": "RHSA-2020:4500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4992", "reference_id": "RHSA-2020:4992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5011", "reference_id": "RHSA-2020:5011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5203", "reference_id": "RHSA-2020:5203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5203" }, { "reference_url": "https://usn.ubuntu.com/4468-1/", "reference_id": "USN-4468-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-1/" }, { "reference_url": "https://usn.ubuntu.com/4468-2/", "reference_id": "USN-4468-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2020-8622" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqzf-35k2-87f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60184?format=api", "vulnerability_id": "VCID-x118-nztx-3ub3", "summary": "In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8620.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8620.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.92449", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.92462", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.92458", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.92453", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.92452", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08369", "scoring_system": "epss", "scoring_elements": "0.9247", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869468", "reference_id": "1869468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869468" }, { "reference_url": "https://security.gentoo.org/glsa/202008-19", "reference_id": "GLSA-202008-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-19" }, { "reference_url": "https://usn.ubuntu.com/4468-1/", "reference_id": "USN-4468-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4468-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/421888?format=api", "purl": "pkg:apk/alpine/bind@9.16.6-r0?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2020-8620" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x118-nztx-3ub3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/bind@9.16.6-r0%3Farch=riscv64&distroversion=edge&reponame=main" }