Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
Typeapk
Namespacealpine
Nameqemu
Version6.1.0-r0
Qualifiers
arch s390x
distroversion v3.21
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version7.0.0-r0
Latest_non_vulnerable_version8.0.2-r1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-7nkr-q4zp-4uc5
vulnerability_id VCID-7nkr-q4zp-4uc5
summary A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35503.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35503.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35503
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.07076
published_at 2026-06-04T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.07109
published_at 2026-06-05T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.07115
published_at 2026-06-06T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.071
published_at 2026-06-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.07057
published_at 2026-06-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.07077
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35503
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35503
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1910346
reference_id 1910346
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1910346
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979678
reference_id 979678
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979678
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2020-35503
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nkr-q4zp-4uc5
1
url VCID-bwpg-rq24-3ygz
vulnerability_id VCID-bwpg-rq24-3ygz
summary An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3545
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35392
published_at 2026-06-04T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35489
published_at 2026-06-05T12:55:00Z
2
value 0.00151
scoring_system epss
scoring_elements 0.355
published_at 2026-06-06T12:55:00Z
3
value 0.00151
scoring_system epss
scoring_elements 0.35461
published_at 2026-06-07T12:55:00Z
4
value 0.00151
scoring_system epss
scoring_elements 0.35422
published_at 2026-06-08T12:55:00Z
5
value 0.00151
scoring_system epss
scoring_elements 0.3544
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3545
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1958955
reference_id 1958955
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1958955
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
reference_id 989042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
12
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
13
reference_url https://usn.ubuntu.com/5010-1/
reference_id USN-5010-1
reference_type
scores
url https://usn.ubuntu.com/5010-1/
14
reference_url https://usn.ubuntu.com/5307-1/
reference_id USN-5307-1
reference_type
scores
url https://usn.ubuntu.com/5307-1/
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2021-3545
risk_score 1.4
exploitability 0.5
weighted_severity 2.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwpg-rq24-3ygz
2
url VCID-qt3x-wty6-cqh5
vulnerability_id VCID-qt3x-wty6-cqh5
summary A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3507
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08793
published_at 2026-06-04T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08834
published_at 2026-06-05T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.0885
published_at 2026-06-06T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08831
published_at 2026-06-07T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08786
published_at 2026-06-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08827
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3507
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1951118
reference_id 1951118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1951118
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410
reference_id 987410
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410
6
reference_url https://access.redhat.com/errata/RHSA-2022:7472
reference_id RHSA-2022:7472
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7472
7
reference_url https://access.redhat.com/errata/RHSA-2022:7967
reference_id RHSA-2022:7967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7967
8
reference_url https://usn.ubuntu.com/5489-1/
reference_id USN-5489-1
reference_type
scores
url https://usn.ubuntu.com/5489-1/
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2021-3507
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt3x-wty6-cqh5
3
url VCID-ywng-svvx-ffe9
vulnerability_id VCID-ywng-svvx-ffe9
summary A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3682
reference_id
reference_type
scores
0
value 0.00477
scoring_system epss
scoring_elements 0.65294
published_at 2026-06-04T12:55:00Z
1
value 0.00477
scoring_system epss
scoring_elements 0.65335
published_at 2026-06-07T12:55:00Z
2
value 0.00477
scoring_system epss
scoring_elements 0.65344
published_at 2026-06-09T12:55:00Z
3
value 0.00477
scoring_system epss
scoring_elements 0.65346
published_at 2026-06-06T12:55:00Z
4
value 0.00477
scoring_system epss
scoring_elements 0.65324
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3682
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1989651
reference_id 1989651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1989651
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911
reference_id 991911
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911
12
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
13
reference_url https://access.redhat.com/errata/RHSA-2021:3703
reference_id RHSA-2021:3703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3703
14
reference_url https://access.redhat.com/errata/RHSA-2021:3704
reference_id RHSA-2021:3704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3704
15
reference_url https://usn.ubuntu.com/5307-1/
reference_id USN-5307-1
reference_type
scores
url https://usn.ubuntu.com/5307-1/
16
reference_url https://usn.ubuntu.com/5772-1/
reference_id USN-5772-1
reference_type
scores
url https://usn.ubuntu.com/5772-1/
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2021-3682
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywng-svvx-ffe9
4
url VCID-zbn7-1gcj-kbhz
vulnerability_id VCID-zbn7-1gcj-kbhz
summary Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json
reference_id
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3544
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09866
published_at 2026-06-04T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09909
published_at 2026-06-05T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09923
published_at 2026-06-06T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09896
published_at 2026-06-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09813
published_at 2026-06-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09845
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3544
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1958935
reference_id 1958935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1958935
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
reference_id 989042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
12
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
13
reference_url https://usn.ubuntu.com/5010-1/
reference_id USN-5010-1
reference_type
scores
url https://usn.ubuntu.com/5010-1/
14
reference_url https://usn.ubuntu.com/5307-1/
reference_id USN-5307-1
reference_type
scores
url https://usn.ubuntu.com/5307-1/
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2021-3544
risk_score 1.4
exploitability 0.5
weighted_severity 2.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbn7-1gcj-kbhz
5
url VCID-zg1e-21t5-8yb5
vulnerability_id VCID-zg1e-21t5-8yb5
summary An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3546
reference_id
reference_type
scores
0
value 0.00172
scoring_system epss
scoring_elements 0.38371
published_at 2026-06-04T12:55:00Z
1
value 0.00172
scoring_system epss
scoring_elements 0.38459
published_at 2026-06-05T12:55:00Z
2
value 0.00172
scoring_system epss
scoring_elements 0.38462
published_at 2026-06-06T12:55:00Z
3
value 0.00172
scoring_system epss
scoring_elements 0.38434
published_at 2026-06-07T12:55:00Z
4
value 0.00172
scoring_system epss
scoring_elements 0.38406
published_at 2026-06-08T12:55:00Z
5
value 0.00172
scoring_system epss
scoring_elements 0.38416
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3546
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1958978
reference_id 1958978
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1958978
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
reference_id 989042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042
12
reference_url https://security.gentoo.org/glsa/202208-27
reference_id GLSA-202208-27
reference_type
scores
url https://security.gentoo.org/glsa/202208-27
13
reference_url https://usn.ubuntu.com/5010-1/
reference_id USN-5010-1
reference_type
scores
url https://usn.ubuntu.com/5010-1/
14
reference_url https://usn.ubuntu.com/5307-1/
reference_id USN-5307-1
reference_type
scores
url https://usn.ubuntu.com/5307-1/
fixed_packages
0
url pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/qemu@6.1.0-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community
aliases CVE-2021-3546
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zg1e-21t5-8yb5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@6.1.0-r0%3Farch=s390x&distroversion=v3.21&reponame=community