Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
Typeapk
Namespacealpine
Nameqemu
Version5.0.0-r0
Qualifiers
arch aarch64
distroversion v3.17
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.1.0-r1
Latest_non_vulnerable_version7.1.0-r4
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2vpr-k77r-pkbp
vulnerability_id VCID-2vpr-k77r-pkbp
summary hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13791
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28632
published_at 2026-06-04T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28704
published_at 2026-06-05T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.28662
published_at 2026-06-06T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.28626
published_at 2026-06-07T12:55:00Z
4
value 0.00108
scoring_system epss
scoring_elements 0.28592
published_at 2026-06-08T12:55:00Z
5
value 0.00108
scoring_system epss
scoring_elements 0.286
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13791
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843764
reference_id 1843764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843764
5
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-13791
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2vpr-k77r-pkbp
1
url VCID-5m1f-2naj-qyab
vulnerability_id VCID-5m1f-2naj-qyab
summary In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15469
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.15058
published_at 2026-06-04T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.15143
published_at 2026-06-05T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.15134
published_at 2026-06-06T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.15095
published_at 2026-06-07T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.1501
published_at 2026-06-08T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.15035
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15469
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1853154
reference_id 1853154
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1853154
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253
reference_id 970253
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253
6
reference_url https://usn.ubuntu.com/5010-1/
reference_id USN-5010-1
reference_type
scores
url https://usn.ubuntu.com/5010-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-15469
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5m1f-2naj-qyab
2
url VCID-866e-8y5f-zygd
vulnerability_id VCID-866e-8y5f-zygd
summary hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13754
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09205
published_at 2026-06-04T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09247
published_at 2026-06-05T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09266
published_at 2026-06-06T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09246
published_at 2026-06-07T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.09187
published_at 2026-06-08T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.09217
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13754
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1842363
reference_id 1842363
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1842363
10
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
11
reference_url https://access.redhat.com/errata/RHSA-2021:2521
reference_id RHSA-2021:2521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2521
12
reference_url https://access.redhat.com/errata/RHSA-2021:3061
reference_id RHSA-2021:3061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3061
13
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
14
reference_url https://usn.ubuntu.com/4467-2/
reference_id USN-4467-2
reference_type
scores
url https://usn.ubuntu.com/4467-2/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-13754
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-866e-8y5f-zygd
3
url VCID-aeaj-unp2-jbgu
vulnerability_id VCID-aeaj-unp2-jbgu
summary QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15859
reference_id
reference_type
scores
0
value 0.0013
scoring_system epss
scoring_elements 0.32048
published_at 2026-06-04T12:55:00Z
1
value 0.0013
scoring_system epss
scoring_elements 0.32121
published_at 2026-06-05T12:55:00Z
2
value 0.0013
scoring_system epss
scoring_elements 0.32089
published_at 2026-06-06T12:55:00Z
3
value 0.0013
scoring_system epss
scoring_elements 0.32052
published_at 2026-06-07T12:55:00Z
4
value 0.0013
scoring_system epss
scoring_elements 0.3202
published_at 2026-06-08T12:55:00Z
5
value 0.0013
scoring_system epss
scoring_elements 0.32043
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15859
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1859168
reference_id 1859168
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1859168
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978
reference_id 965978
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978
6
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
7
reference_url https://access.redhat.com/errata/RHSA-2021:4191
reference_id RHSA-2021:4191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4191
8
reference_url https://usn.ubuntu.com/4725-1/
reference_id USN-4725-1
reference_type
scores
url https://usn.ubuntu.com/4725-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-15859
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aeaj-unp2-jbgu
4
url VCID-mhs5-kf1v-uybt
vulnerability_id VCID-mhs5-kf1v-uybt
summary address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13659
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11204
published_at 2026-06-04T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11292
published_at 2026-06-05T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11283
published_at 2026-06-06T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.11251
published_at 2026-06-07T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.11169
published_at 2026-06-08T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.11184
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13659
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1842496
reference_id 1842496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1842496
10
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
11
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
12
reference_url https://usn.ubuntu.com/4467-2/
reference_id USN-4467-2
reference_type
scores
url https://usn.ubuntu.com/4467-2/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-13659
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mhs5-kf1v-uybt
5
url VCID-nqvh-8ynv-rqhn
vulnerability_id VCID-nqvh-8ynv-rqhn
summary eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27617
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49279
published_at 2026-06-04T12:55:00Z
1
value 0.00257
scoring_system epss
scoring_elements 0.4934
published_at 2026-06-05T12:55:00Z
2
value 0.00257
scoring_system epss
scoring_elements 0.4935
published_at 2026-06-06T12:55:00Z
3
value 0.00257
scoring_system epss
scoring_elements 0.49333
published_at 2026-06-07T12:55:00Z
4
value 0.00257
scoring_system epss
scoring_elements 0.49303
published_at 2026-06-08T12:55:00Z
5
value 0.00257
scoring_system epss
scoring_elements 0.49315
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1891668
reference_id 1891668
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1891668
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324
reference_id 973324
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324
6
reference_url https://access.redhat.com/errata/RHSA-2021:3061
reference_id RHSA-2021:3061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3061
7
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-27617
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqvh-8ynv-rqhn
6
url VCID-qsay-zdn2-8kfg
vulnerability_id VCID-qsay-zdn2-8kfg
summary ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13800
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22448
published_at 2026-06-09T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22444
published_at 2026-06-08T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28034
published_at 2026-06-05T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.27984
published_at 2026-06-06T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.27947
published_at 2026-06-07T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.27964
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13800
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843771
reference_id 1843771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843771
5
reference_url https://security.gentoo.org/glsa/202011-09
reference_id GLSA-202011-09
reference_type
scores
url https://security.gentoo.org/glsa/202011-09
6
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-13800
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsay-zdn2-8kfg
7
url VCID-qv66-59z7-37ht
vulnerability_id VCID-qv66-59z7-37ht
summary oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14415
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30301
published_at 2026-06-04T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30375
published_at 2026-06-05T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.3034
published_at 2026-06-06T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30311
published_at 2026-06-07T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.3028
published_at 2026-06-08T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30296
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14415
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848117
reference_id 1848117
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848117
5
reference_url https://usn.ubuntu.com/4467-1/
reference_id USN-4467-1
reference_type
scores
url https://usn.ubuntu.com/4467-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-14415
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qv66-59z7-37ht
8
url VCID-r3uf-p8j2-73da
vulnerability_id VCID-r3uf-p8j2-73da
summary ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27616
reference_id
reference_type
scores
0
value 0.00503
scoring_system epss
scoring_elements 0.66465
published_at 2026-06-04T12:55:00Z
1
value 0.00503
scoring_system epss
scoring_elements 0.66505
published_at 2026-06-05T12:55:00Z
2
value 0.00503
scoring_system epss
scoring_elements 0.66513
published_at 2026-06-06T12:55:00Z
3
value 0.00503
scoring_system epss
scoring_elements 0.66497
published_at 2026-06-07T12:55:00Z
4
value 0.00503
scoring_system epss
scoring_elements 0.66483
published_at 2026-06-08T12:55:00Z
5
value 0.00503
scoring_system epss
scoring_elements 0.665
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27616
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1894036
reference_id 1894036
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1894036
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265
reference_id 975265
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265
6
reference_url https://usn.ubuntu.com/4650-1/
reference_id USN-4650-1
reference_type
scores
url https://usn.ubuntu.com/4650-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2020-27616
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3uf-p8j2-73da
9
url VCID-zd4g-wfat-jyc3
vulnerability_id VCID-zd4g-wfat-jyc3
summary An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20221
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07826
published_at 2026-06-04T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07859
published_at 2026-06-05T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07871
published_at 2026-06-06T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07844
published_at 2026-06-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.078
published_at 2026-06-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07816
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20221
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1924601
reference_id 1924601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1924601
5
reference_url https://access.redhat.com/errata/RHSA-2021:1125
reference_id RHSA-2021:1125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1125
6
reference_url https://access.redhat.com/errata/RHSA-2021:2521
reference_id RHSA-2021:2521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2521
7
reference_url https://access.redhat.com/errata/RHSA-2021:3061
reference_id RHSA-2021:3061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3061
8
reference_url https://usn.ubuntu.com/5010-1/
reference_id USN-5010-1
reference_type
scores
url https://usn.ubuntu.com/5010-1/
fixed_packages
0
url pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/qemu@5.0.0-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
aliases CVE-2021-20221
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zd4g-wfat-jyc3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.0.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=community