{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","type":"apk","namespace":"alpine","name":"intel-ucode","version":"20240813-r0","qualifiers":{"arch":"x86","distroversion":"v3.19","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"20240910-r0","latest_non_vulnerable_version":"20250812-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73922?format=json","vulnerability_id":"VCID-655n-qeh6-vycp","summary":"Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24853","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25219","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25335","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25318","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25269","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25211","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24853"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742","reference_id":"1078742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html","reference_id":"intel-sa-01083.html","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T19:14:11Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html"},{"reference_url":"https://usn.ubuntu.com/6967-1/","reference_id":"USN-6967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6967-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}],"aliases":["CVE-2024-24853"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-655n-qeh6-vycp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73886?format=json","vulnerability_id":"VCID-884h-94rp-8qh8","summary":"Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42667","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13712","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13803","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13806","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13767","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13682","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42667"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742","reference_id":"1078742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html","reference_id":"intel-sa-01038.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T15:09:41Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html"},{"reference_url":"https://usn.ubuntu.com/6967-1/","reference_id":"USN-6967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6967-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}],"aliases":["CVE-2023-42667"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-884h-94rp-8qh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73930?format=json","vulnerability_id":"VCID-nb1d-wfde-jba8","summary":"Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25939","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.288","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28897","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28861","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28825","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2879","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25939"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742","reference_id":"1078742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html","reference_id":"intel-sa-01118.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:17:26Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html"},{"reference_url":"https://usn.ubuntu.com/6967-1/","reference_id":"USN-6967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6967-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}],"aliases":["CVE-2024-25939"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nb1d-wfde-jba8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73906?format=json","vulnerability_id":"VCID-yr2w-vtvu-gkcq","summary":"Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49141","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15804","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15794","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23115","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23167","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23111","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49141"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742","reference_id":"1078742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html","reference_id":"intel-sa-01046.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:39:50Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html"},{"reference_url":"https://usn.ubuntu.com/6967-1/","reference_id":"USN-6967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6967-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}],"aliases":["CVE-2023-49141"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yr2w-vtvu-gkcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73928?format=json","vulnerability_id":"VCID-zwv5-prmv-nudk","summary":"Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24980","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21428","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21538","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21525","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21477","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21418","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24980"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742","reference_id":"1078742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742"},{"reference_url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html","reference_id":"intel-sa-01100.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T13:59:03Z/"}],"url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html"},{"reference_url":"https://usn.ubuntu.com/6967-1/","reference_id":"USN-6967-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6967-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/443443?format=json","purl":"pkg:apk/alpine/intel-ucode@20240813-r0?arch=x86&distroversion=v3.19&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}],"aliases":["CVE-2024-24980"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwv5-prmv-nudk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/intel-ucode@20240813-r0%3Farch=x86&distroversion=v3.19&reponame=main"}