Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/458907?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "type": "apk", "namespace": "alpine", "name": "libvncserver", "version": "0.9.13-r0", "qualifiers": { "arch": "x86_64", "distroversion": "v3.16", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81164?format=api", "vulnerability_id": "VCID-6w3g-x86a-sfbj", "summary": "libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.8441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84444", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84468", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84486", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84504", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84506", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84533", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84542", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84545", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02216", "scoring_system": "epss", "scoring_elements": "0.84561", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367", "reference_id": "1860367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14402" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6w3g-x86a-sfbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81317?format=api", "vulnerability_id": "VCID-7taj-t1kg-h3a9", "summary": "libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72293", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72255", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72265", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72252", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72306", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72303", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.7376", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73751", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73703", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73713", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73736", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.73778", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739", "reference_id": "1896739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4636-1/", "reference_id": "USN-4636-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4636-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-25708" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7taj-t1kg-h3a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81163?format=api", "vulnerability_id": "VCID-9eyh-gzse-8qdk", "summary": "libvncserver: libvncserver/scale.c has a pixel_value integer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81711", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81721", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81768", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81813", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8184", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.8185", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81855", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01613", "scoring_system": "epss", "scoring_elements": "0.81873", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364", "reference_id": "1860364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14401" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9eyh-gzse-8qdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81157?format=api", "vulnerability_id": "VCID-d3c1-uv78-a7cj", "summary": "libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79907", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79961", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79956", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79984", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.79987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80015", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.8002", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80036", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80049", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337", "reference_id": "1860337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14404" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3c1-uv78-a7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81161?format=api", "vulnerability_id": "VCID-kzk2-vaa2-6bfa", "summary": "libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85311", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85176", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85187", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85205", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85236", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85251", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85267", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85266", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85298", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85297", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354", "reference_id": "1860354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14399" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzk2-vaa2-6bfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81156?format=api", "vulnerability_id": "VCID-nxh7-7s8e-g3ec", "summary": "libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78107", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78116", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78145", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78186", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78192", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78224", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.7823", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01113", "scoring_system": "epss", "scoring_elements": "0.78258", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334", "reference_id": "1860334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14403" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxh7-7s8e-g3ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81153?format=api", "vulnerability_id": "VCID-q3t7-3yq6-gkan", "summary": "libvncserver: unaligned accesses in hybiReadAndDecode can lead to a crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83715", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83815", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83841", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83849", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83854", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02026", "scoring_system": "epss", "scoring_elements": "0.83876", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881", "reference_id": "1849881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2019-20840" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3t7-3yq6-gkan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81159?format=api", "vulnerability_id": "VCID-qfyp-1xhm-13au", "summary": "libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.88996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.8902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89039", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89045", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89057", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89052", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.8905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89064", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89063", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89059", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89077", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89084", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89087", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04438", "scoring_system": "epss", "scoring_elements": "0.89095", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860344", "reference_id": "1860344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfyp-1xhm-13au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81152?format=api", "vulnerability_id": "VCID-sgkq-a36z-gyfp", "summary": "libvncserver: buffer overflow in ConnectClientToUnixSock()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88505", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88513", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.8853", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88553", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88557", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88569", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88575", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88571", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88585", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88591", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88589", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04081", "scoring_system": "epss", "scoring_elements": "0.88601", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877", "reference_id": "1849877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2019-20839" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgkq-a36z-gyfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81155?format=api", "vulnerability_id": "VCID-wzpf-4nu7-xyc6", "summary": "libvncserver: libvncclient/rfbproto.c does not limit TextChat size", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80698", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80761", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80791", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80792", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80793", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80817", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80835", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.80852", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325", "reference_id": "1860325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14405" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzpf-4nu7-xyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81162?format=api", "vulnerability_id": "VCID-x78k-5wm4-kkaj", "summary": "libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85346", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85211", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85241", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85244", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85304", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85305", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85301", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85323", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02477", "scoring_system": "epss", "scoring_elements": "0.85332", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361", "reference_id": "1860361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/458907?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86_64&distroversion=v3.16&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" } ], "aliases": [ "CVE-2020-14400" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x78k-5wm4-kkaj" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86_64&distroversion=v3.16&reponame=community" }