{"url":"http://public2.vulnerablecode.io/api/packages/4977?format=json","purl":"pkg:deb/debian/systemd@204-14~bpo70%2B1","type":"deb","namespace":"debian","name":"systemd","version":"204-14~bpo70+1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"252.39-1~deb12u2","latest_non_vulnerable_version":"252.39-1~deb12u2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/99514?format=json","vulnerability_id":"VCID-1ads-q8jw-6fcx","summary":"systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4415.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4415.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4415","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10146","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10124","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.1019","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10211","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10177","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10091","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4415"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026831","reference_id":"1026831","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026831"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2155515","reference_id":"2155515","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2155515"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/12/21/3","reference_id":"3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:33Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/12/21/3"},{"reference_url":"https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c","reference_id":"b7641425659243c09473cd8fb3aef2c0d4a3eb9c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:33Z/"}],"url":"https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c"},{"reference_url":"https://security.gentoo.org/glsa/202405-04","reference_id":"GLSA-202405-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0837","reference_id":"RHSA-2023:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0954","reference_id":"RHSA-2023:0954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1105","reference_id":"RHSA-2024:1105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1105"},{"reference_url":"https://usn.ubuntu.com/5928-1/","reference_id":"USN-5928-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5928-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2022-4415"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ads-q8jw-6fcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101881?format=json","vulnerability_id":"VCID-1dm2-fdsy-a7aq","summary":"systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6954.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6954","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34675","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34612","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3471","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34726","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34691","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34656","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6954"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1545017","reference_id":"1545017","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1545017"},{"reference_url":"https://usn.ubuntu.com/3816-1/","reference_id":"3816-1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"https://usn.ubuntu.com/3816-1/"},{"reference_url":"https://usn.ubuntu.com/3816-2/","reference_id":"3816-2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"https://usn.ubuntu.com/3816-2/"},{"reference_url":"https://github.com/systemd/systemd/issues/7986","reference_id":"7986","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"https://github.com/systemd/systemd/issues/7986"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890779","reference_id":"890779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890779"},{"reference_url":"https://security.archlinux.org/ASA-201901-4","reference_id":"ASA-201901-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-4"},{"reference_url":"https://security.archlinux.org/AVG-615","reference_id":"AVG-615","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-615"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html","reference_id":"msg00062.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:53:55Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-6954"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1dm2-fdsy-a7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4531?format=json","vulnerability_id":"VCID-1q48-dryb-y7a5","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9445.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9445.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9445","reference_id":"","reference_type":"","scores":[{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.8028","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.80319","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.80309","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.80305","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.80298","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0133","scoring_system":"epss","scoring_elements":"0.80306","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9445"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463609","reference_id":"1463609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463609"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866147","reference_id":"866147","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866147"},{"reference_url":"https://security.archlinux.org/ASA-201707-2","reference_id":"ASA-201707-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-2"},{"reference_url":"https://security.archlinux.org/AVG-329","reference_id":"AVG-329","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-329"},{"reference_url":"https://usn.ubuntu.com/3341-1/","reference_id":"USN-3341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2017-9445"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1q48-dryb-y7a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101883?format=json","vulnerability_id":"VCID-26du-f1xn-7bb2","summary":"An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20386.json","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20386","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35595","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35549","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35645","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35658","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35617","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35579","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793979","reference_id":"1793979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1793979"},{"reference_url":"https://usn.ubuntu.com/4269-1/","reference_id":"4269-1","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:39:48Z/"}],"url":"https://usn.ubuntu.com/4269-1/"},{"reference_url":"https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad","reference_id":"b2774a3ae692113e1f47a336a6c09bac9cfb49ad","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:39:48Z/"}],"url":"https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/","reference_id":"HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:39:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZPCOMW5X6IZZXASCDD2CNW2DLF3YADC/"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:39:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200210-0002/","reference_id":"ntap-20200210-0002","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:39:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200210-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4007","reference_id":"RHSA-2020:4007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4553","reference_id":"RHSA-2020:4553","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2019-20386"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26du-f1xn-7bb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101868?format=json","vulnerability_id":"VCID-2snu-vneb-7kgb","summary":"tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9770.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9770","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26361","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26465","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26456","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26414","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26357","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26362","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348622","reference_id":"1348622","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348622"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4978?format=json","purl":"pkg:deb/debian/systemd@215-17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@215-17"}],"aliases":["CVE-2014-9770"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2snu-vneb-7kgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4239?format=json","vulnerability_id":"VCID-36am-knxz-xfek","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15686.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15686","reference_id":"","reference_type":"","scores":[{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81691","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81651","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81681","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81682","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81683","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01533","scoring_system":"epss","scoring_elements":"0.81676","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15686"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/systemd/systemd/pull/10519","reference_id":"10519","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://github.com/systemd/systemd/pull/10519"},{"reference_url":"http://www.securityfocus.com/bid/105747","reference_id":"105747","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"http://www.securityfocus.com/bid/105747"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639071","reference_id":"1639071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639071"},{"reference_url":"https://usn.ubuntu.com/3816-1/","reference_id":"3816-1","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://usn.ubuntu.com/3816-1/"},{"reference_url":"https://www.exploit-db.com/exploits/45714/","reference_id":"45714","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://www.exploit-db.com/exploits/45714/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912005","reference_id":"912005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912005"},{"reference_url":"https://security.archlinux.org/ASA-201811-11","reference_id":"ASA-201811-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-11"},{"reference_url":"https://security.archlinux.org/AVG-789","reference_id":"AVG-789","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-789"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1687","reference_id":"CVE-2018-15686","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1687"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45714.c","reference_id":"CVE-2018-15686","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45714.c"},{"reference_url":"https://security.gentoo.org/glsa/201810-10","reference_id":"GLSA-201810-10","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://security.gentoo.org/glsa/201810-10"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2091","reference_id":"RHSA-2019:2091","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3222","reference_id":"RHSA-2019:3222","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0593","reference_id":"RHSA-2020:0593","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:50:23Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1264","reference_id":"RHSA-2020:1264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1264"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-15686"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36am-knxz-xfek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101882?format=json","vulnerability_id":"VCID-3euy-kfkc-8keh","summary":"In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15718.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15718","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28108","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28178","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28128","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28089","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28046","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2805","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746057","reference_id":"1746057","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746057"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939353","reference_id":"939353","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939353"},{"reference_url":"https://security.archlinux.org/ASA-201910-3","reference_id":"ASA-201910-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201910-3"},{"reference_url":"https://security.archlinux.org/AVG-1035","reference_id":"AVG-1035","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3592","reference_id":"RHSA-2019:3592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3941","reference_id":"RHSA-2019:3941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3941"},{"reference_url":"https://usn.ubuntu.com/4120-1/","reference_id":"USN-4120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2019-15718"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3euy-kfkc-8keh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5986?format=json","vulnerability_id":"VCID-4333-vpmq-qbbs","summary":"privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1712.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1712","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28144","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28165","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28125","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28081","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28215","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28084","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2020/02/05/1","reference_id":"1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://www.openwall.com/lists/oss-security/2020/02/05/1"},{"reference_url":"https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54","reference_id":"1068447e6954dc6ce52f099ed174c442cb89ed54","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1794578","reference_id":"1794578","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1794578"},{"reference_url":"https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb","reference_id":"637486261528e8aa3da9f26a4487dc254f4b7abb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950732","reference_id":"950732","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950732"},{"reference_url":"https://security.archlinux.org/ASA-202002-8","reference_id":"ASA-202002-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202002-8"},{"reference_url":"https://security.archlinux.org/AVG-1094","reference_id":"AVG-1094","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1094"},{"reference_url":"https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d","reference_id":"bc130b6858327b382b07b3985cf48e2aa9016b2d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d"},{"reference_url":"https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2","reference_id":"ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2"},{"reference_url":"https://security.gentoo.org/glsa/202003-20","reference_id":"GLSA-202003-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-20"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0564","reference_id":"RHSA-2020:0564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0575","reference_id":"RHSA-2020:0575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0575"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712","reference_id":"show_bug.cgi?id=CVE-2020-1712","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:42Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2020-1712"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4333-vpmq-qbbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60242?format=json","vulnerability_id":"VCID-55ew-qe9a-5uen","summary":"The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868","reference_id":"","reference_type":"","scores":[{"value":"0.12114","scoring_system":"epss","scoring_elements":"0.93949","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.9404","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.94039","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751","reference_id":"1077751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917","reference_id":"2263917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50868","reference_id":"cve-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50868"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50868","reference_id":"CVE-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50868"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0008/","reference_id":"ntap-20240307-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0008/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc5155","reference_id":"rfc5155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc5155"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826","reference_id":"show_bug.cgi?id=1219826","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2023-50868"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55ew-qe9a-5uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101889?format=json","vulnerability_id":"VCID-64xm-zm73-nfay","summary":"systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13776.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13776","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33275","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33343","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33376","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33392","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33356","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33322","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/systemd/systemd/issues/15985","reference_id":"15985","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:45:10Z/"}],"url":"https://github.com/systemd/systemd/issues/15985"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845534","reference_id":"1845534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845534"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYGLFEKG45EYBJ7TPQMLWROWPTZBEU63/","reference_id":"IYGLFEKG45EYBJ7TPQMLWROWPTZBEU63","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:45:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYGLFEKG45EYBJ7TPQMLWROWPTZBEU63/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200611-0003/","reference_id":"ntap-20200611-0003","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:45:10Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200611-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1611","reference_id":"RHSA-2021:1611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3900","reference_id":"RHSA-2021:3900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3900"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2020-13776"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-64xm-zm73-nfay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6180?format=json","vulnerability_id":"VCID-6rw7-cpfk-2qa5","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16865.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16865","reference_id":"","reference_type":"","scores":[{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79475","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.7947","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79468","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79458","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79476","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79443","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/106525","reference_id":"106525","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"http://www.securityfocus.com/bid/106525"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653861","reference_id":"1653861","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653861"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/07/20/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/07/20/2"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/21","reference_id":"21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/21"},{"reference_url":"https://seclists.org/bugtraq/2019/May/25","reference_id":"25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://seclists.org/bugtraq/2019/May/25"},{"reference_url":"https://usn.ubuntu.com/3855-1/","reference_id":"3855-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://usn.ubuntu.com/3855-1/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/05/10/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/05/10/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918848","reference_id":"918848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918848"},{"reference_url":"https://security.archlinux.org/ASA-201901-9","reference_id":"ASA-201901-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-9"},{"reference_url":"https://security.archlinux.org/AVG-845","reference_id":"AVG-845","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-845"},{"reference_url":"https://www.debian.org/security/2019/dsa-4367","reference_id":"dsa-4367","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://www.debian.org/security/2019/dsa-4367"},{"reference_url":"https://security.gentoo.org/glsa/201903-07","reference_id":"GLSA-201903-07","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://security.gentoo.org/glsa/201903-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190117-0001/","reference_id":"ntap-20190117-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0049","reference_id":"RHSA-2019:0049","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0204","reference_id":"RHSA-2019:0204","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0271","reference_id":"RHSA-2019:0271","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0342","reference_id":"RHSA-2019:0342","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0361","reference_id":"RHSA-2019:0361","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2402","reference_id":"RHSA-2019:2402","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2402"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865","reference_id":"show_bug.cgi?id=CVE-2018-16865","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865"},{"reference_url":"http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html","reference_id":"System-Down-A-systemd-journald-Exploit.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html"},{"reference_url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt","reference_id":"system-down.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:51:24Z/"}],"url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"},{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-16865"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rw7-cpfk-2qa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101871?format=json","vulnerability_id":"VCID-89ba-1bwt-gfgu","summary":"A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10156.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10156.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10156","reference_id":"","reference_type":"","scores":[{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72651","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.7269","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72697","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.7268","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72667","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00712","scoring_system":"epss","scoring_elements":"0.72691","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416044","reference_id":"1416044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416044"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41171.txt","reference_id":"CVE-2016-10156","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41171.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/01/24/4","reference_id":"CVE-2016-10156","reference_type":"exploit","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/01/24/4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4980?format=json","purl":"pkg:deb/debian/systemd@230-7~bpo8%2B2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@230-7~bpo8%252B2"}],"aliases":["CVE-2016-10156"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-89ba-1bwt-gfgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101887?format=json","vulnerability_id":"VCID-9337-4n7d-dyba","summary":"It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3844.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3844","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.354","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35448","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35496","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35508","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35469","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3543","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/108096","reference_id":"108096","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"http://www.securityfocus.com/bid/108096"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684610","reference_id":"1684610","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684610"},{"reference_url":"https://usn.ubuntu.com/4269-1/","reference_id":"4269-1","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"https://usn.ubuntu.com/4269-1/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928102","reference_id":"928102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928102"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190619-0002/","reference_id":"ntap-20190619-0002","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190619-0002/"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1794","reference_id":"RHSA-2020:1794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1794"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844","reference_id":"show_bug.cgi?id=CVE-2019-3844","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2019-3844"],"risk_score":8.0,"exploitability":"2.0","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9337-4n7d-dyba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101873?format=json","vulnerability_id":"VCID-9m1u-s3ry-a3ap","summary":"systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. \"0day\"), running the service in question with root privileges rather than the user intended.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000082.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000082","reference_id":"","reference_type":"","scores":[{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49384","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.4942","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49438","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49408","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49455","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:C/I:C/A:C"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1468427","reference_id":"1468427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1468427"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2017-1000082"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9m1u-s3ry-a3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6181?format=json","vulnerability_id":"VCID-9phe-afnu-qkb3","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16864.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16864.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16864","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34674","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34739","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34771","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34787","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34751","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34717","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/106523","reference_id":"106523","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"http://www.securityfocus.com/bid/106523"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653855","reference_id":"1653855","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653855"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/07/20/2","reference_id":"2","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/07/20/2"},{"reference_url":"https://usn.ubuntu.com/3855-1/","reference_id":"3855-1","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://usn.ubuntu.com/3855-1/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918841","reference_id":"918841","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918841"},{"reference_url":"https://security.archlinux.org/ASA-201901-9","reference_id":"ASA-201901-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-9"},{"reference_url":"https://security.archlinux.org/AVG-845","reference_id":"AVG-845","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-845"},{"reference_url":"https://www.debian.org/security/2019/dsa-4367","reference_id":"dsa-4367","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://www.debian.org/security/2019/dsa-4367"},{"reference_url":"https://security.gentoo.org/glsa/201903-07","reference_id":"GLSA-201903-07","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://security.gentoo.org/glsa/201903-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190117-0001/","reference_id":"ntap-20190117-0001","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0049","reference_id":"RHSA-2019:0049","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0204","reference_id":"RHSA-2019:0204","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0271","reference_id":"RHSA-2019:0271","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0342","reference_id":"RHSA-2019:0342","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0361","reference_id":"RHSA-2019:0361","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2402","reference_id":"RHSA-2019:2402","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2402"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864","reference_id":"show_bug.cgi?id=CVE-2018-16864","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864"},{"reference_url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt","reference_id":"system-down.txt","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:52:03Z/"}],"url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"},{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-16864"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9phe-afnu-qkb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62906?format=json","vulnerability_id":"VCID-a8d1-4mtq-5uf3","summary":"systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40225.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40225","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11407","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11395","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11512","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1151","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457324","reference_id":"2457324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457324"},{"reference_url":"https://github.com/systemd/systemd/security/advisories/GHSA-vpfq-8p5f-jcqx","reference_id":"GHSA-vpfq-8p5f-jcqx","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T14:40:04Z/"}],"url":"https://github.com/systemd/systemd/security/advisories/GHSA-vpfq-8p5f-jcqx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7299","reference_id":"RHSA-2026:7299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7299"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2026-40225"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8d1-4mtq-5uf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6331?format=json","vulnerability_id":"VCID-afkf-p5hd-dkfe","summary":"access restriction bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18078.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18078.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18078","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2455","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24536","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24586","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24526","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24652","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24641","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18078"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1539758","reference_id":"1539758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1539758"},{"reference_url":"https://security.archlinux.org/AVG-621","reference_id":"AVG-621","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-621"},{"reference_url":"http://seclists.org/oss-sec/2018/q1/115","reference_id":"CVE-2017-18078","reference_type":"exploit","scores":[],"url":"http://seclists.org/oss-sec/2018/q1/115"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43935.txt","reference_id":"CVE-2017-18078","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43935.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2017-18078"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afkf-p5hd-dkfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65014?format=json","vulnerability_id":"VCID-b47h-67k1-eqdm","summary":"systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4105.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4105","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01231","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01229","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01233","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01228","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4105"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447262","reference_id":"2447262","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:03:09Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447262"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-4105","reference_id":"CVE-2026-4105","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:03:09Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-4105"},{"reference_url":"https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862","reference_id":"GHSA-4h6x-r8vx-3862","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:03:09Z/"}],"url":"https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7299","reference_id":"RHSA-2026:7299","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:03:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7299"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2026-4105"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b47h-67k1-eqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6773?format=json","vulnerability_id":"VCID-cg68-m7rf-huhs","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7795.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7795","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36608","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36635","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36598","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36663","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36671","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7795"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1380286","reference_id":"1380286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1380286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839171","reference_id":"839171","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839171"},{"reference_url":"https://security.archlinux.org/ASA-201610-2","reference_id":"ASA-201610-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201610-2"},{"reference_url":"https://security.archlinux.org/AVG-38","reference_id":"AVG-38","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2610","reference_id":"RHSA-2016:2610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2694","reference_id":"RHSA-2016:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"}],"aliases":["CVE-2016-7795"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cg68-m7rf-huhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6138?format=json","vulnerability_id":"VCID-cuv8-pcc7-pqc2","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6454.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6454.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6454","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33851","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33929","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33936","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33903","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33954","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33969","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6454"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667032","reference_id":"1667032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667032"},{"reference_url":"https://security.archlinux.org/ASA-201902-24","reference_id":"ASA-201902-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-24"},{"reference_url":"https://security.archlinux.org/AVG-906","reference_id":"AVG-906","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-906"},{"reference_url":"https://security.gentoo.org/glsa/201903-07","reference_id":"GLSA-201903-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0368","reference_id":"RHSA-2019:0368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0457","reference_id":"RHSA-2019:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0461","reference_id":"RHSA-2019:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0990","reference_id":"RHSA-2019:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1322","reference_id":"RHSA-2019:1322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1502","reference_id":"RHSA-2019:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2805","reference_id":"RHSA-2019:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2805"},{"reference_url":"https://usn.ubuntu.com/3891-1/","reference_id":"USN-3891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"},{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2019-6454"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cuv8-pcc7-pqc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4237?format=json","vulnerability_id":"VCID-cxy5-pbmr-xycj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15688.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15688","reference_id":"","reference_type":"","scores":[{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72219","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.7218","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72222","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72228","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72207","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72193","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15688"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/systemd/systemd/pull/10518","reference_id":"10518","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://github.com/systemd/systemd/pull/10518"},{"reference_url":"http://www.securityfocus.com/bid/105745","reference_id":"105745","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"http://www.securityfocus.com/bid/105745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639067","reference_id":"1639067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639067"},{"reference_url":"https://usn.ubuntu.com/3806-1/","reference_id":"3806-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://usn.ubuntu.com/3806-1/"},{"reference_url":"https://usn.ubuntu.com/3807-1/","reference_id":"3807-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://usn.ubuntu.com/3807-1/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912008","reference_id":"912008","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912008"},{"reference_url":"https://security.archlinux.org/ASA-201811-11","reference_id":"ASA-201811-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-11"},{"reference_url":"https://security.archlinux.org/AVG-789","reference_id":"AVG-789","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-789"},{"reference_url":"https://security.gentoo.org/glsa/201810-10","reference_id":"GLSA-201810-10","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://security.gentoo.org/glsa/201810-10"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3665","reference_id":"RHSA-2018:3665","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0049","reference_id":"RHSA-2019:0049","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:55:22Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0049"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-15688"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxy5-pbmr-xycj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64737?format=json","vulnerability_id":"VCID-g1tj-dj2p-pffn","summary":"systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29111.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29111","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07811","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07854","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07867","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0784","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07796","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-29111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a","reference_id":"1d22f706bd04f45f8422e17fbde3f56ece17758a","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758a"},{"reference_url":"https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6","reference_id":"20021e7686426052e3a7505425d7e12085feb2a6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6"},{"reference_url":"https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412","reference_id":"21167006574d6b83813c7596759b474f56562412","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450505","reference_id":"2450505","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450505"},{"reference_url":"https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd","reference_id":"3cee294fe8cf4fa0eff933ab21416d099942cabd","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabd"},{"reference_url":"https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f","reference_id":"42aee39107fbdd7db1ccd402a2151822b2805e9f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9f"},{"reference_url":"https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f","reference_id":"54588d2dedff54bfb6036670820650e4ea74628f","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628f"},{"reference_url":"https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69","reference_id":"7ac3220213690e8a8d6d2a6e81e43bd1dce01d69","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69"},{"reference_url":"https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6","reference_id":"80acea4ef80a4bb78560ed970c34952299b890d6","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6"},{"reference_url":"https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c","reference_id":"b5fd14693057e5f2c9b4a49603be64ec3608ff6c","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6c"},{"reference_url":"https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8","reference_id":"efa6ba2ab625aaa160ac435a09e6482fc63bdbe8","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8"},{"reference_url":"https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764","reference_id":"GHSA-gx6q-6f99-m764","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:12:36Z/"}],"url":"https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13651","reference_id":"RHSA-2026:13651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13677","reference_id":"RHSA-2026:13677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14162","reference_id":"RHSA-2026:14162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19068","reference_id":"RHSA-2026:19068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19213","reference_id":"RHSA-2026:19213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21275","reference_id":"RHSA-2026:21275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22634","reference_id":"RHSA-2026:22634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7299","reference_id":"RHSA-2026:7299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7299"},{"reference_url":"https://usn.ubuntu.com/8119-1/","reference_id":"USN-8119-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8119-1/"},{"reference_url":"https://usn.ubuntu.com/8119-2/","reference_id":"USN-8119-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8119-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2026-29111"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1tj-dj2p-pffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101891?format=json","vulnerability_id":"VCID-gz7h-uwsh-u3gs","summary":"A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2526.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2526","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53116","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53178","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53186","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53167","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53141","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53166","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2526"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2109926","reference_id":"2109926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2109926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6160","reference_id":"RHSA-2022:6160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6161","reference_id":"RHSA-2022:6161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6162","reference_id":"RHSA-2022:6162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6163","reference_id":"RHSA-2022:6163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6206","reference_id":"RHSA-2022:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6551","reference_id":"RHSA-2022:6551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6551"},{"reference_url":"https://usn.ubuntu.com/5583-1/","reference_id":"USN-5583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5583-1/"},{"reference_url":"https://usn.ubuntu.com/5583-2/","reference_id":"USN-5583-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5583-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2022-2526"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gz7h-uwsh-u3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355258?format=json","vulnerability_id":"VCID-h25y-3yut-byd3","summary":"regression update","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"}],"aliases":["DSA-4367-2 systemd"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h25y-3yut-byd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101885?format=json","vulnerability_id":"VCID-j267-ctps-7bcj","summary":"In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3842.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3842","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26824","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26833","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26878","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26926","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668521","reference_id":"1668521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668521"},{"reference_url":"https://www.exploit-db.com/exploits/46743/","reference_id":"46743","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://www.exploit-db.com/exploits/46743/"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1756","reference_id":"CVE-2019-3842","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1756"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46743.txt","reference_id":"CVE-2019-3842","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46743.txt"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00022.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html","reference_id":"msg00062.html","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1611","reference_id":"RHSA-2021:1611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3900","reference_id":"RHSA-2021:3900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3842","reference_id":"show_bug.cgi?id=CVE-2019-3842","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3842"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STR36RJE4ZZIORMDXRERVBHMPRNRTHAC/","reference_id":"STR36RJE4ZZIORMDXRERVBHMPRNRTHAC","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STR36RJE4ZZIORMDXRERVBHMPRNRTHAC/"},{"reference_url":"http://packetstormsecurity.com/files/152610/systemd-Seat-Verification-Active-Session-Spoofing.html","reference_id":"systemd-Seat-Verification-Active-Session-Spoofing.html","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:47:18Z/"}],"url":"http://packetstormsecurity.com/files/152610/systemd-Seat-Verification-Active-Session-Spoofing.html"},{"reference_url":"https://usn.ubuntu.com/3938-1/","reference_id":"USN-3938-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3938-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"},{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2019-3842"],"risk_score":8.0,"exploitability":"2.0","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j267-ctps-7bcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101874?format=json","vulnerability_id":"VCID-k51x-6b44-ykcm","summary":"In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15908.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15908.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15908","reference_id":"","reference_type":"","scores":[{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50378","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50416","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50427","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50398","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50439","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50446","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15908"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:C"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1507515","reference_id":"1507515","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1507515"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880026","reference_id":"880026","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880026"},{"reference_url":"https://usn.ubuntu.com/3466-1/","reference_id":"USN-3466-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3466-1/"},{"reference_url":"https://usn.ubuntu.com/3558-1/","reference_id":"USN-3558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2017-15908"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k51x-6b44-ykcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4238?format=json","vulnerability_id":"VCID-ky5c-16g2-5udr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15687.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15687","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59721","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59774","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59746","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59765","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59771","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/105748","reference_id":"105748","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:48:02Z/"}],"url":"http://www.securityfocus.com/bid/105748"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639076","reference_id":"1639076","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639076"},{"reference_url":"https://usn.ubuntu.com/3816-1/","reference_id":"3816-1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:48:02Z/"}],"url":"https://usn.ubuntu.com/3816-1/"},{"reference_url":"https://www.exploit-db.com/exploits/45715/","reference_id":"45715","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:48:02Z/"}],"url":"https://www.exploit-db.com/exploits/45715/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912007","reference_id":"912007","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912007"},{"reference_url":"https://security.archlinux.org/ASA-201811-11","reference_id":"ASA-201811-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-11"},{"reference_url":"https://security.archlinux.org/AVG-789","reference_id":"AVG-789","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-789"},{"reference_url":"https://github.com/systemd/systemd/pull/10517/commits","reference_id":"commits","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:48:02Z/"}],"url":"https://github.com/systemd/systemd/pull/10517/commits"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1689","reference_id":"CVE-2018-15687","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1689"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45715.txt","reference_id":"CVE-2018-15687","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45715.txt"},{"reference_url":"https://security.gentoo.org/glsa/201810-10","reference_id":"GLSA-201810-10","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:48:02Z/"}],"url":"https://security.gentoo.org/glsa/201810-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-15687"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ky5c-16g2-5udr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101869?format=json","vulnerability_id":"VCID-m5wm-dxxp-y7h5","summary":"Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7510.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7510.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7510","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69574","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69613","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69621","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69611","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69599","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6962","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7510"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7510","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7510"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1284642","reference_id":"1284642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1284642"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4980?format=json","purl":"pkg:deb/debian/systemd@230-7~bpo8%2B2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@230-7~bpo8%252B2"}],"aliases":["CVE-2015-7510"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5wm-dxxp-y7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60241?format=json","vulnerability_id":"VCID-me6t-p2ef-43ch","summary":"Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387","reference_id":"","reference_type":"","scores":[{"value":"0.43215","scoring_system":"epss","scoring_elements":"0.97578","published_at":"2026-06-09T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97597","published_at":"2026-06-05T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97598","published_at":"2026-06-07T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97599","published_at":"2026-06-06T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.976","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750","reference_id":"1077750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914","reference_id":"2263914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50387","reference_id":"cve-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50387"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50387"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387"},{"reference_url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/","reference_id":"dnssec_vulnerability_internet","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://news.ycombinator.com/item?id=39367411","reference_id":"item?id=39367411","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39367411"},{"reference_url":"https://news.ycombinator.com/item?id=39372384","reference_id":"item?id=39372384","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39372384"},{"reference_url":"https://www.athene-center.de/aktuelles/key-trap","reference_id":"key-trap","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/aktuelles/key-trap"},{"reference_url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","reference_id":"keytrap-dns-attack-could-disable-large-parts-of-internet-researchers","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0007/","reference_id":"ntap-20240307-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823","reference_id":"show_bug.cgi?id=1219823","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","reference_id":"Technical_Report_KeyTrap.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2023-50387"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-me6t-p2ef-43ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101892?format=json","vulnerability_id":"VCID-mxv6-8rgd-rkgf","summary":"An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3821.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3821","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10735","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10708","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10818","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10771","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10689","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139327","reference_id":"2139327","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139327"},{"reference_url":"https://github.com/systemd/systemd/issues/23928","reference_id":"23928","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://github.com/systemd/systemd/issues/23928"},{"reference_url":"https://github.com/systemd/systemd/pull/23933","reference_id":"23933","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://github.com/systemd/systemd/pull/23933"},{"reference_url":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","reference_id":"9102c625a673a3246d7e73d8737f3494446bad4e","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e"},{"reference_url":"https://security.gentoo.org/glsa/202305-15","reference_id":"GLSA-202305-15","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://security.gentoo.org/glsa/202305-15"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html","reference_id":"msg00036.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0100","reference_id":"RHSA-2023:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0336","reference_id":"RHSA-2023:0336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1105","reference_id":"RHSA-2024:1105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1105"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/","reference_id":"RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/"},{"reference_url":"https://usn.ubuntu.com/5928-1/","reference_id":"USN-5928-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5928-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2022-3821"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mxv6-8rgd-rkgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/99898?format=json","vulnerability_id":"VCID-n6bq-wvj2-1bg3","summary":"systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-7008.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-7008.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-7008","reference_id":"","reference_type":"","scores":[{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65321","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65331","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65329","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.6532","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.6531","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-7008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7008"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059278","reference_id":"1059278","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059278"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222672","reference_id":"2222672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2463","reference_id":"RHSA-2024:2463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3203","reference_id":"RHSA-2024:3203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3203"},{"reference_url":"https://usn.ubuntu.com/8402-1/","reference_id":"USN-8402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8402-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2023-7008"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6bq-wvj2-1bg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101890?format=json","vulnerability_id":"VCID-qqbh-s9uf-zbf4","summary":"A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3997.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3997.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3997","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06359","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06406","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06398","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06352","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06753","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06721","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3997"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003467","reference_id":"1003467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024639","reference_id":"2024639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024639"},{"reference_url":"https://security.gentoo.org/glsa/202305-15","reference_id":"GLSA-202305-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-15"},{"reference_url":"https://usn.ubuntu.com/5226-1/","reference_id":"USN-5226-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5226-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2021-3997"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqbh-s9uf-zbf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101880?format=json","vulnerability_id":"VCID-rcau-3p2v-6ugy","summary":"systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname validation does not have anything to do with this issue (i.e. there is no hostname to be sent)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21029.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21029","reference_id":"","reference_type":"","scores":[{"value":"0.0156","scoring_system":"epss","scoring_elements":"0.8181","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0156","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0156","scoring_system":"epss","scoring_elements":"0.81844","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0156","scoring_system":"epss","scoring_elements":"0.81838","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0156","scoring_system":"epss","scoring_elements":"0.81854","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21029"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1771725","reference_id":"1771725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1771725"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2018-21029"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcau-3p2v-6ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101879?format=json","vulnerability_id":"VCID-rjqq-ptca-sqgf","summary":"It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16888.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16888","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36392","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36486","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36457","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36419","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3643","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16888"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1662867","reference_id":"1662867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1662867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2091","reference_id":"RHSA-2019:2091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-16888"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjqq-ptca-sqgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101875?format=json","vulnerability_id":"VCID-rm7n-14wh-tkb3","summary":"systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9217.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9217","reference_id":"","reference_type":"","scores":[{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76246","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76281","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76275","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76268","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76257","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00913","scoring_system":"epss","scoring_elements":"0.76273","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1455493","reference_id":"1455493","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1455493"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863277","reference_id":"863277","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863277"},{"reference_url":"https://security.archlinux.org/ASA-201707-5","reference_id":"ASA-201707-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-5"},{"reference_url":"https://security.archlinux.org/AVG-337","reference_id":"AVG-337","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-337"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"}],"aliases":["CVE-2017-9217"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rm7n-14wh-tkb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101886?format=json","vulnerability_id":"VCID-rykf-gnvj-suff","summary":"It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3843.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3843","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3065","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30642","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30723","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3069","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30657","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30625","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/108116","reference_id":"108116","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"http://www.securityfocus.com/bid/108116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684607","reference_id":"1684607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684607"},{"reference_url":"https://usn.ubuntu.com/4269-1/","reference_id":"4269-1","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://usn.ubuntu.com/4269-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/","reference_id":"5JXQAKSTMABZ46EVCRMW62DHWYHTTFES","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928102","reference_id":"928102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928102"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1771","reference_id":"CVE-2019-3844;CVE-2019-3843","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1771"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46760.txt","reference_id":"CVE-2019-3844;CVE-2019-3843","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46760.txt"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190619-0002/","reference_id":"ntap-20190619-0002","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190619-0002/"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1794","reference_id":"RHSA-2020:1794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1794"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843","reference_id":"show_bug.cgi?id=CVE-2019-3843","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:49:43Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2019-3843"],"risk_score":8.0,"exploitability":"2.0","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rykf-gnvj-suff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3316?format=json","vulnerability_id":"VCID-ssz9-bb5g-cqa2","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4598","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29281","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29371","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29337","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29301","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29267","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106785","reference_id":"1106785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106785"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369242","reference_id":"2369242","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369242"},{"reference_url":"https://www.openwall.com/lists/oss-security/2025/05/29/3","reference_id":"3","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://www.openwall.com/lists/oss-security/2025/05/29/3"},{"reference_url":"https://security.archlinux.org/AVG-2893","reference_id":"AVG-2893","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2893"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9","reference_id":"cpe:/a:redhat:ceph_storage:7::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9","reference_id":"cpe:/a:redhat:ceph_storage:8::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9","reference_id":"cpe:/a:redhat:discovery:2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9","reference_id":"cpe:/a:redhat:insights_proxy:1.5::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.2","reference_id":"cpe:/o:redhat:enterprise_linux:10.2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4598","reference_id":"CVE-2025-4598","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22660","reference_id":"RHSA-2025:22660","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22660"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22868","reference_id":"RHSA-2025:22868","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23227","reference_id":"RHSA-2025:23227","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23234","reference_id":"RHSA-2025:23234","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0414","reference_id":"RHSA-2026:0414","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1652","reference_id":"RHSA-2026:1652","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18153","reference_id":"RHSA-2026:18153","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:18153"},{"reference_url":"https://usn.ubuntu.com/7559-1/","reference_id":"USN-7559-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7559-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2025-4598"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssz9-bb5g-cqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101870?format=json","vulnerability_id":"VCID-tshu-xa1a-vuag","summary":"tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8842.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8842","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2125","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21329","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21315","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21268","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21204","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21214","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8842"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348626","reference_id":"1348626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348626"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825059","reference_id":"825059","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4978?format=json","purl":"pkg:deb/debian/systemd@215-17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@215-17"}],"aliases":["CVE-2015-8842"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tshu-xa1a-vuag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7249?format=json","vulnerability_id":"VCID-urye-s1mf-x7ea","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33910.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33910","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17011","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16993","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17104","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17071","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17033","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17109","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33910"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33910"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970887","reference_id":"1970887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970887"},{"reference_url":"https://www.openwall.com/lists/oss-security/2021/07/20/2","reference_id":"2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://www.openwall.com/lists/oss-security/2021/07/20/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/08/04/2","reference_id":"2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/08/04/2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/","reference_id":"2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/08/17/3","reference_id":"3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/08/17/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/09/07/3","reference_id":"3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/09/07/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/","reference_id":"42TMJVNYRY65B4QCJICBYOEIVZV3KUYI","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/"},{"reference_url":"https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9","reference_id":"441e0115646d54f080e5c3bb0ba477c892861ab9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9"},{"reference_url":"https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b","reference_id":"4a1c5f34bd3e1daed4490e9d97918e504d19733b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b"},{"reference_url":"https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce","reference_id":"764b74113e36ac5219a4b82a05f311b5a92136ce","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce"},{"reference_url":"https://security.archlinux.org/ASA-202107-57","reference_id":"ASA-202107-57","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-57"},{"reference_url":"https://security.archlinux.org/AVG-2179","reference_id":"AVG-2179","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2179"},{"reference_url":"https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538","reference_id":"b00674347337b7531c92fdb65590ab253bb57538","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538"},{"reference_url":"https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b","reference_id":"b34a4f0e6729de292cb3b0c03c1d48f246ad896b","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b"},{"reference_url":"https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61","reference_id":"cfd14c65374027b34dbbc4f0551456c5dc2d1f61","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61"},{"reference_url":"https://www.debian.org/security/2021/dsa-4942","reference_id":"dsa-4942","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://www.debian.org/security/2021/dsa-4942"},{"reference_url":"https://security.gentoo.org/glsa/202107-48","reference_id":"GLSA-202107-48","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://security.gentoo.org/glsa/202107-48"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211104-0008/","reference_id":"ntap-20211104-0008","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211104-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2717","reference_id":"RHSA-2021:2717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2721","reference_id":"RHSA-2021:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2724","reference_id":"RHSA-2021:2724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2736","reference_id":"RHSA-2021:2736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2736"},{"reference_url":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html","reference_id":"Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:43:40Z/"}],"url":"http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html"},{"reference_url":"https://usn.ubuntu.com/5013-1/","reference_id":"USN-5013-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5013-1/"},{"reference_url":"https://usn.ubuntu.com/5013-2/","reference_id":"USN-5013-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5013-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2021-33910"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-urye-s1mf-x7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98505?format=json","vulnerability_id":"VCID-vg2j-nbf2-mqfr","summary":"systemd: privilege escalation via the less pager","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26604.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26604","reference_id":"","reference_type":"","scores":[{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90528","published_at":"2026-06-09T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.905","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90514","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90515","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90513","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05624","scoring_system":"epss","scoring_elements":"0.90511","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175611","reference_id":"2175611","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175611"},{"reference_url":"https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/","reference_id":"dangerous-sudoers-entries-part-2-insecure-functionality","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html","reference_id":"msg00032.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html"},{"reference_url":"https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340","reference_id":"NEWS#L4335-L4340","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230505-0009/","reference_id":"ntap-20230505-0009","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230505-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3837","reference_id":"RHSA-2023:3837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1105","reference_id":"RHSA-2024:1105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7705","reference_id":"RHSA-2024:7705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7705"},{"reference_url":"https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7","reference_id":"saidov-maxim-cve-2023-26604-c1232a526ba7","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7"},{"reference_url":"http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html","reference_id":"systemd-246-Local-Root-Privilege-Escalation.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T18:16:19Z/"}],"url":"http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6455?format=json","purl":"pkg:deb/debian/systemd@247.3-7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@247.3-7%252Bdeb11u4"}],"aliases":["CVE-2023-26604"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vg2j-nbf2-mqfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101876?format=json","vulnerability_id":"VCID-vrze-1cc8-s7ea","summary":"In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1049.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1049","reference_id":"","reference_type":"","scores":[{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64683","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64692","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64682","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64671","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.6469","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534701","reference_id":"1534701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0260","reference_id":"RHSA-2018:0260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0260"},{"reference_url":"https://usn.ubuntu.com/3558-1/","reference_id":"USN-3558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-1049"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrze-1cc8-s7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101872?format=json","vulnerability_id":"VCID-w96s-4vjc-dugw","summary":"The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7796.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7796","reference_id":"","reference_type":"","scores":[{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60066","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60116","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60104","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60087","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00385","scoring_system":"epss","scoring_elements":"0.60105","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7796"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1381911","reference_id":"1381911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1381911"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839607","reference_id":"839607","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0003","reference_id":"RHSA-2017:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"}],"aliases":["CVE-2016-7796"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w96s-4vjc-dugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101878?format=json","vulnerability_id":"VCID-wmb7-smgf-pkem","summary":"An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16866.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16866.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16866","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1908","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19104","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19177","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19174","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19132","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19059","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16866"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/106527","reference_id":"106527","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"http://www.securityfocus.com/bid/106527"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653867","reference_id":"1653867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653867"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/21","reference_id":"21","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"http://seclists.org/fulldisclosure/2019/May/21"},{"reference_url":"https://seclists.org/bugtraq/2019/May/25","reference_id":"25","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://seclists.org/bugtraq/2019/May/25"},{"reference_url":"https://usn.ubuntu.com/3855-1/","reference_id":"3855-1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://usn.ubuntu.com/3855-1/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/05/10/4","reference_id":"4","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/05/10/4"},{"reference_url":"https://security.archlinux.org/ASA-201901-4","reference_id":"ASA-201901-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-4"},{"reference_url":"https://security.archlinux.org/AVG-615","reference_id":"AVG-615","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-615"},{"reference_url":"https://www.debian.org/security/2019/dsa-4367","reference_id":"dsa-4367","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://www.debian.org/security/2019/dsa-4367"},{"reference_url":"https://security.gentoo.org/glsa/201903-07","reference_id":"GLSA-201903-07","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://security.gentoo.org/glsa/201903-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190117-0001/","reference_id":"ntap-20190117-0001","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2091","reference_id":"RHSA-2019:2091","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3222","reference_id":"RHSA-2019:3222","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0593","reference_id":"RHSA-2020:0593","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1264","reference_id":"RHSA-2020:1264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1264"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16866","reference_id":"show_bug.cgi?id=CVE-2018-16866","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16866"},{"reference_url":"http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html","reference_id":"System-Down-A-systemd-journald-Exploit.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html"},{"reference_url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt","reference_id":"system-down.txt","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:41:29Z/"}],"url":"https://www.qualys.com/2019/01/09/system-down/system-down.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4981?format=json","purl":"pkg:deb/debian/systemd@232-25%2Bdeb9u12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@232-25%252Bdeb9u12"},{"url":"http://public2.vulnerablecode.io/api/packages/5528?format=json","purl":"pkg:deb/debian/systemd@241-7~deb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@241-7~deb10u8"}],"aliases":["CVE-2018-16866"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmb7-smgf-pkem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62905?format=json","vulnerability_id":"VCID-xpts-t531-dbbr","summary":"systemd: systemd nspawn: Escape-to-host action via crafted config file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40226.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40226","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00875","published_at":"2026-06-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00879","published_at":"2026-06-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00878","published_at":"2026-06-06T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00877","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40226"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457326","reference_id":"2457326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457326"},{"reference_url":"https://github.com/systemd/systemd/security/advisories/GHSA-9mj4-rrc3-gjcx","reference_id":"GHSA-9mj4-rrc3-gjcx","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-14T14:47:51Z/"}],"url":"https://github.com/systemd/systemd/security/advisories/GHSA-9mj4-rrc3-gjcx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7299","reference_id":"RHSA-2026:7299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7299"},{"reference_url":"https://usn.ubuntu.com/8402-1/","reference_id":"USN-8402-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8402-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/510385?format=json","purl":"pkg:deb/debian/systemd@252.39-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@252.39-1~deb12u2"}],"aliases":["CVE-2026-40226"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpts-t531-dbbr"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101864?format=json","vulnerability_id":"VCID-7zqu-zqhx-zff2","summary":"Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4391.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4391","reference_id":"","reference_type":"","scores":[{"value":"0.037","scoring_system":"epss","scoring_elements":"0.88158","published_at":"2026-06-04T12:55:00Z"},{"value":"0.037","scoring_system":"epss","scoring_elements":"0.88179","published_at":"2026-06-05T12:55:00Z"},{"value":"0.037","scoring_system":"epss","scoring_elements":"0.88182","published_at":"2026-06-06T12:55:00Z"},{"value":"0.037","scoring_system":"epss","scoring_elements":"0.88181","published_at":"2026-06-08T12:55:00Z"},{"value":"0.037","scoring_system":"epss","scoring_elements":"0.88197","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357","reference_id":"725357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=859051","reference_id":"859051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=859051"},{"reference_url":"https://security.gentoo.org/glsa/201612-34","reference_id":"GLSA-201612-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4977?format=json","purl":"pkg:deb/debian/systemd@204-14~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-2snu-vneb-7kgb"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-tshu-xa1a-vuag"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@204-14~bpo70%252B1"}],"aliases":["CVE-2013-4391"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zqu-zqhx-zff2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101866?format=json","vulnerability_id":"VCID-8kc9-waas-6fhx","summary":"journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4393","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3528","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35377","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35387","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35352","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35311","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3533","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4393"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357","reference_id":"725357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"},{"reference_url":"https://security.gentoo.org/glsa/201612-34","reference_id":"GLSA-201612-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4977?format=json","purl":"pkg:deb/debian/systemd@204-14~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-2snu-vneb-7kgb"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-tshu-xa1a-vuag"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@204-14~bpo70%252B1"}],"aliases":["CVE-2013-4393"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kc9-waas-6fhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101862?format=json","vulnerability_id":"VCID-cwt9-u413-vbdm","summary":"systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4327.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4327.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4327","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09866","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0991","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09813","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09845","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1006680","reference_id":"1006680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1006680"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723713","reference_id":"723713","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723713"},{"reference_url":"https://security.gentoo.org/glsa/201406-27","reference_id":"GLSA-201406-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-27"},{"reference_url":"https://usn.ubuntu.com/1961-1/","reference_id":"USN-1961-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1961-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4977?format=json","purl":"pkg:deb/debian/systemd@204-14~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-2snu-vneb-7kgb"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-tshu-xa1a-vuag"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@204-14~bpo70%252B1"}],"aliases":["CVE-2013-4327"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cwt9-u413-vbdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/101867?format=json","vulnerability_id":"VCID-kg3x-9q9n-qkgv","summary":"The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving \"special and control characters.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4394.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4394","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28854","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28925","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28889","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28853","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28818","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28828","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4394"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357","reference_id":"725357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=862324","reference_id":"862324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=862324"},{"reference_url":"https://security.gentoo.org/glsa/201612-34","reference_id":"GLSA-201612-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4977?format=json","purl":"pkg:deb/debian/systemd@204-14~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ads-q8jw-6fcx"},{"vulnerability":"VCID-1dm2-fdsy-a7aq"},{"vulnerability":"VCID-1q48-dryb-y7a5"},{"vulnerability":"VCID-26du-f1xn-7bb2"},{"vulnerability":"VCID-2snu-vneb-7kgb"},{"vulnerability":"VCID-36am-knxz-xfek"},{"vulnerability":"VCID-3euy-kfkc-8keh"},{"vulnerability":"VCID-4333-vpmq-qbbs"},{"vulnerability":"VCID-55ew-qe9a-5uen"},{"vulnerability":"VCID-64xm-zm73-nfay"},{"vulnerability":"VCID-6rw7-cpfk-2qa5"},{"vulnerability":"VCID-89ba-1bwt-gfgu"},{"vulnerability":"VCID-9337-4n7d-dyba"},{"vulnerability":"VCID-9m1u-s3ry-a3ap"},{"vulnerability":"VCID-9phe-afnu-qkb3"},{"vulnerability":"VCID-a8d1-4mtq-5uf3"},{"vulnerability":"VCID-afkf-p5hd-dkfe"},{"vulnerability":"VCID-b47h-67k1-eqdm"},{"vulnerability":"VCID-cg68-m7rf-huhs"},{"vulnerability":"VCID-cuv8-pcc7-pqc2"},{"vulnerability":"VCID-cxy5-pbmr-xycj"},{"vulnerability":"VCID-g1tj-dj2p-pffn"},{"vulnerability":"VCID-gz7h-uwsh-u3gs"},{"vulnerability":"VCID-h25y-3yut-byd3"},{"vulnerability":"VCID-j267-ctps-7bcj"},{"vulnerability":"VCID-k51x-6b44-ykcm"},{"vulnerability":"VCID-ky5c-16g2-5udr"},{"vulnerability":"VCID-m5wm-dxxp-y7h5"},{"vulnerability":"VCID-me6t-p2ef-43ch"},{"vulnerability":"VCID-mxv6-8rgd-rkgf"},{"vulnerability":"VCID-n6bq-wvj2-1bg3"},{"vulnerability":"VCID-qqbh-s9uf-zbf4"},{"vulnerability":"VCID-rcau-3p2v-6ugy"},{"vulnerability":"VCID-rjqq-ptca-sqgf"},{"vulnerability":"VCID-rm7n-14wh-tkb3"},{"vulnerability":"VCID-rykf-gnvj-suff"},{"vulnerability":"VCID-ssz9-bb5g-cqa2"},{"vulnerability":"VCID-tshu-xa1a-vuag"},{"vulnerability":"VCID-urye-s1mf-x7ea"},{"vulnerability":"VCID-vg2j-nbf2-mqfr"},{"vulnerability":"VCID-vrze-1cc8-s7ea"},{"vulnerability":"VCID-w96s-4vjc-dugw"},{"vulnerability":"VCID-wmb7-smgf-pkem"},{"vulnerability":"VCID-xpts-t531-dbbr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@204-14~bpo70%252B1"}],"aliases":["CVE-2013-4394"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg3x-9q9n-qkgv"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/systemd@204-14~bpo70%252B1"}