{"url":"http://public2.vulnerablecode.io/api/packages/474555?format=json","purl":"pkg:apk/alpine/xen@4.16.6-r0?arch=s390x&distroversion=v3.16&reponame=main","type":"apk","namespace":"alpine","name":"xen","version":"4.16.6-r0","qualifiers":{"arch":"s390x","distroversion":"v3.16","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4380?format=json","vulnerability_id":"VCID-1tb8-t91c-63bp","summary":"x86: Native Branch History Injection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2201.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2201","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0878","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08735","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09139","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09114","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09191","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09057","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09077","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0918","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09195","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09226","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09224","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09194","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/09/15","reference_id":"15","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/09/15"},{"reference_url":"https://www.kb.cert.org/vuls/id/155143","reference_id":"155143","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://www.kb.cert.org/vuls/id/155143"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268118","reference_id":"2268118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268118"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QKNCPX7CJUK4I6BRGABAUQK2DMQZUCA/","reference_id":"6QKNCPX7CJUK4I6BRGABAUQK2DMQZUCA","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QKNCPX7CJUK4I6BRGABAUQK2DMQZUCA/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/07/7","reference_id":"7","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/07/7"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-456.html","reference_id":"advisory-456.html","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"http://xenbits.xen.org/xsa/advisory-456.html"},{"reference_url":"https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.htm","reference_id":"branch-history-injection.htm","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.htm"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5OK6MH75S7YWD34EWW7QIZTS627RIE3/","reference_id":"D5OK6MH75S7YWD34EWW7QIZTS627RIE3","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5OK6MH75S7YWD34EWW7QIZTS627RIE3/"},{"reference_url":"https://github.com/vusec/inspectre-gadget?tab=readme-ov-file","reference_id":"inspectre-gadget?tab=readme-ov-file","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://github.com/vusec/inspectre-gadget?tab=readme-ov-file"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5101","reference_id":"RHSA-2024:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5102","reference_id":"RHSA-2024:5102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6994","reference_id":"RHSA-2024:6994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6995","reference_id":"RHSA-2024:6995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8613","reference_id":"RHSA-2024:8613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8614","reference_id":"RHSA-2024:8614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8617","reference_id":"RHSA-2024:8617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8617"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYAZ7P6YFJ2E3FHKAGIKHWS46KYMMTZH/","reference_id":"RYAZ7P6YFJ2E3FHKAGIKHWS46KYMMTZH","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-31T18:51:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYAZ7P6YFJ2E3FHKAGIKHWS46KYMMTZH/"},{"reference_url":"https://usn.ubuntu.com/6766-1/","reference_id":"USN-6766-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6766-1/"},{"reference_url":"https://usn.ubuntu.com/6766-2/","reference_id":"USN-6766-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6766-2/"},{"reference_url":"https://usn.ubuntu.com/6766-3/","reference_id":"USN-6766-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6766-3/"},{"reference_url":"https://usn.ubuntu.com/6774-1/","reference_id":"USN-6774-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6774-1/"},{"reference_url":"https://usn.ubuntu.com/6795-1/","reference_id":"USN-6795-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6795-1/"},{"reference_url":"https://usn.ubuntu.com/6828-1/","reference_id":"USN-6828-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6828-1/"},{"reference_url":"https://usn.ubuntu.com/6865-1/","reference_id":"USN-6865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6865-1/"},{"reference_url":"https://usn.ubuntu.com/6866-1/","reference_id":"USN-6866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6866-1/"},{"reference_url":"https://usn.ubuntu.com/6866-2/","reference_id":"USN-6866-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6866-2/"},{"reference_url":"https://usn.ubuntu.com/6866-3/","reference_id":"USN-6866-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6866-3/"},{"reference_url":"https://usn.ubuntu.com/6868-1/","reference_id":"USN-6868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6868-1/"},{"reference_url":"https://usn.ubuntu.com/6868-2/","reference_id":"USN-6868-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6868-2/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-456.html","reference_id":"XSA-456","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-456.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/474555?format=json","purl":"pkg:apk/alpine/xen@4.16.6-r0?arch=s390x&distroversion=v3.16&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.16.6-r0%3Farch=s390x&distroversion=v3.16&reponame=main"}],"aliases":["CVE-2024-2201","XSA-456"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tb8-t91c-63bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4378?format=json","vulnerability_id":"VCID-rt5n-e4wq-p3gh","summary":"x86 HVM hypercalls may trigger Xen bug check","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46842","reference_id":"","reference_type":"","scores":[{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84099","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.83982","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84062","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84088","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84094","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.83997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.8403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.8404","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84058","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02093","scoring_system":"epss","scoring_elements":"0.84061","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://xenbits.xenproject.org/xsa/advisory-454.html","reference_id":"advisory-454.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T18:23:20Z/"}],"url":"https://xenbits.xenproject.org/xsa/advisory-454.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-10","reference_id":"GLSA-202409-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-10"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-454.html","reference_id":"XSA-454","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-454.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/474555?format=json","purl":"pkg:apk/alpine/xen@4.16.6-r0?arch=s390x&distroversion=v3.16&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.16.6-r0%3Farch=s390x&distroversion=v3.16&reponame=main"}],"aliases":["CVE-2023-46842","XSA-454"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rt5n-e4wq-p3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4379?format=json","vulnerability_id":"VCID-z9rm-9p2q-wfag","summary":"x86: Incorrect logic for BTC/SRSO mitigations","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31142","reference_id":"","reference_type":"","scores":[{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.8688","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86856","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86872","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86879","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86789","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86808","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86821","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.8683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86843","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03118","scoring_system":"epss","scoring_elements":"0.86852","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31142"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://xenbits.xenproject.org/xsa/advisory-455.html","reference_id":"advisory-455.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-20T13:51:28Z/"}],"url":"https://xenbits.xenproject.org/xsa/advisory-455.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-10","reference_id":"GLSA-202409-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-10"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-455.html","reference_id":"XSA-455","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-455.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/474555?format=json","purl":"pkg:apk/alpine/xen@4.16.6-r0?arch=s390x&distroversion=v3.16&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.16.6-r0%3Farch=s390x&distroversion=v3.16&reponame=main"}],"aliases":["CVE-2024-31142","XSA-455"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z9rm-9p2q-wfag"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.16.6-r0%3Farch=s390x&distroversion=v3.16&reponame=main"}