{"url":"http://public2.vulnerablecode.io/api/packages/467904?format=json","purl":"pkg:apk/alpine/aom@3.1.1-r0?arch=x86&distroversion=v3.22&reponame=main","type":"apk","namespace":"alpine","name":"aom","version":"3.1.1-r0","qualifiers":{"arch":"x86","distroversion":"v3.22","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.9.1-r0","latest_non_vulnerable_version":"3.9.1-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34149?format=json","vulnerability_id":"VCID-42kw-yczz-q7f9","summary":"Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30474","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38524","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3855","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38496","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38632","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38656","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38519","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38578","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38589","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-1925","reference_id":"AVG-1925","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1925"},{"reference_url":"https://security.gentoo.org/glsa/202401-32","reference_id":"GLSA-202401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-32"},{"reference_url":"https://usn.ubuntu.com/6447-1/","reference_id":"USN-6447-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6447-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/467904?format=json","purl":"pkg:apk/alpine/aom@3.1.1-r0?arch=x86&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/aom@3.1.1-r0%3Farch=x86&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2021-30474"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-42kw-yczz-q7f9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34150?format=json","vulnerability_id":"VCID-ed5k-acd1-27hn","summary":"Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30475","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43769","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4377","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43794","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43727","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43778","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43801","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2039","reference_id":"AVG-2039","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2039"},{"reference_url":"https://security.gentoo.org/glsa/202401-32","reference_id":"GLSA-202401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-32"},{"reference_url":"https://usn.ubuntu.com/6447-1/","reference_id":"USN-6447-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6447-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/467904?format=json","purl":"pkg:apk/alpine/aom@3.1.1-r0?arch=x86&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/aom@3.1.1-r0%3Farch=x86&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2021-30475"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ed5k-acd1-27hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34148?format=json","vulnerability_id":"VCID-ytsf-k9ep-17h3","summary":"Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30473","reference_id":"","reference_type":"","scores":[{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48017","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48006","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47949","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47988","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48009","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.47958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48011","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48005","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48029","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30475"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988211","reference_id":"988211","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988211"},{"reference_url":"https://security.archlinux.org/AVG-1925","reference_id":"AVG-1925","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1925"},{"reference_url":"https://security.gentoo.org/glsa/202401-32","reference_id":"GLSA-202401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-32"},{"reference_url":"https://usn.ubuntu.com/6447-1/","reference_id":"USN-6447-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6447-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/467904?format=json","purl":"pkg:apk/alpine/aom@3.1.1-r0?arch=x86&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/aom@3.1.1-r0%3Farch=x86&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2021-30473"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytsf-k9ep-17h3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/aom@3.1.1-r0%3Farch=x86&distroversion=v3.22&reponame=main"}