Package Instance

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8934.json

reference_url	https://access.redhat.com/errata/RHSA-2019:2298
reference_id	RHSA-2019:2298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2298

reference_url	https://access.redhat.com/errata/RHSA-2019:3698
reference_id	RHSA-2019:3698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3698

reference_url	https://usn.ubuntu.com/3884-1/
reference_id	USN-3884-1
reference_type
scores
url	https://usn.ubuntu.com/3884-1/

fixed_packages

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2019-1000020

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4t89-41bc-3ba8

url VCID-5rvq-dzxr-ckb7

vulnerability_id VCID-5rvq-dzxr-ckb7

summary The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8934.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8934

reference_id

reference_type

scores

value	0.00335
scoring_system	epss
scoring_elements	0.56557
published_at	2026-06-04T12:55:00Z

value	0.00335
scoring_system	epss
scoring_elements	0.5661
published_at	2026-06-05T12:55:00Z

value	0.00335
scoring_system	epss
scoring_elements	0.56616
published_at	2026-06-06T12:55:00Z

value	0.00335
scoring_system	epss
scoring_elements	0.56605
published_at	2026-06-07T12:55:00Z

value	0.00335
scoring_system	epss
scoring_elements	0.5659
published_at	2026-06-08T12:55:00Z

value	0.00335
scoring_system	epss
scoring_elements	0.56608
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1349229
reference_id	1349229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1349229

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8934

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rvq-dzxr-ckb7

url VCID-5tcn-ytvt-23bk

vulnerability_id VCID-5tcn-ytvt-23bk

summary Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1541.json

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1541.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1541

reference_id

reference_type

scores

value	0.12269
scoring_system	epss
scoring_elements	0.93989
published_at	2026-06-04T12:55:00Z

value	0.12269
scoring_system	epss
scoring_elements	0.93997
published_at	2026-06-05T12:55:00Z

value	0.12269
scoring_system	epss
scoring_elements	0.94003
published_at	2026-06-09T12:55:00Z

value	0.12269
scoring_system	epss
scoring_elements	0.93996
published_at	2026-06-08T12:55:00Z

value	0.12269
scoring_system	epss
scoring_elements	0.93998
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1334211
reference_id	1334211
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1334211

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823893
reference_id	823893
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823893

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/2981-1/
reference_id	USN-2981-1
reference_type
scores
url	https://usn.ubuntu.com/2981-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-1541

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tcn-ytvt-23bk

url VCID-6fu1-u451-13bk

vulnerability_id VCID-6fu1-u451-13bk

summary A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5916.json

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5916.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5916

reference_id

reference_type

scores

value	0.00102
scoring_system	epss
scoring_elements	0.27457
published_at	2026-06-09T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27588
published_at	2026-06-05T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27537
published_at	2026-06-06T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27499
published_at	2026-06-07T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.2745
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5916

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107623
reference_id	1107623
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107623

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2370872

reference_id

2370872

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:03:44Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2370872

reference_url

https://github.com/libarchive/libarchive/pull/2568

reference_id

2568

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:03:44Z/

url

https://github.com/libarchive/libarchive/pull/2568

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-5916

reference_id

CVE-2025-5916

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:03:44Z/

url

https://access.redhat.com/security/cve/CVE-2025-5916

reference_url	https://usn.ubuntu.com/7601-1/
reference_id	USN-7601-1
reference_type
scores
url	https://usn.ubuntu.com/7601-1/

reference_url	https://usn.ubuntu.com/8147-1/
reference_id	USN-8147-1
reference_type
scores
url	https://usn.ubuntu.com/8147-1/

reference_url

https://github.com/libarchive/libarchive/releases/tag/v3.8.0

reference_id

v3.8.0

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:03:44Z/

url

https://github.com/libarchive/libarchive/releases/tag/v3.8.0

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2025-5916

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fu1-u451-13bk

url VCID-8mvg-64ae-37b7

vulnerability_id VCID-8mvg-64ae-37b7

summary The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4809.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4809.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4809

reference_id

reference_type

scores

value	0.0313
scoring_system	epss
scoring_elements	0.87101
published_at	2026-06-04T12:55:00Z

value	0.0313
scoring_system	epss
scoring_elements	0.87123
published_at	2026-06-09T12:55:00Z

value	0.0313
scoring_system	epss
scoring_elements	0.87112
published_at	2026-06-08T12:55:00Z

value	0.0313
scoring_system	epss
scoring_elements	0.87121
published_at	2026-06-06T12:55:00Z

value	0.0313
scoring_system	epss
scoring_elements	0.87116
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1347084
reference_id	1347084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1347084

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://access.redhat.com/errata/RHSA-2016:1850
reference_id	RHSA-2016:1850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1850

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-4809

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mvg-64ae-37b7

url VCID-at9e-fmp1-efcy

vulnerability_id VCID-at9e-fmp1-efcy

summary Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4302.json

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4302

reference_id

reference_type

scores

value	0.01463
scoring_system	epss
scoring_elements	0.81214
published_at	2026-06-04T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.81242
published_at	2026-06-05T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.81244
published_at	2026-06-06T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.81241
published_at	2026-06-07T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.81237
published_at	2026-06-08T12:55:00Z

value	0.01463
scoring_system	epss
scoring_elements	0.81254
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348444
reference_id	1348444
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348444

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-4302

risk_score 3.5

exploitability 0.5

weighted_severity 6.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at9e-fmp1-efcy

url VCID-b72d-fhvw-nqb2

vulnerability_id VCID-b72d-fhvw-nqb2

summary libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4424.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4424.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4424

reference_id

reference_type

scores

value	0.001
scoring_system	epss
scoring_elements	0.27209
published_at	2026-06-09T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27338
published_at	2026-06-05T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27287
published_at	2026-06-06T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27247
published_at	2026-06-07T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27199
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4424

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4424
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4424

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131446
reference_id	1131446
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131446

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2449006

reference_id

2449006

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2449006

reference_url

https://github.com/libarchive/libarchive/pull/2898

reference_id

2898

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://github.com/libarchive/libarchive/pull/2898

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.3::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
reference_id	cpe:/a:redhat:discovery:2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id	cpe:/a:redhat:hummingbird:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9
reference_id	cpe:/a:redhat:insights_proxy:1.5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id	cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb
reference_id	cpe:/a:redhat:rhel_eus:9.4::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id	cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9
reference_id	cpe:/a:redhat:rhui:5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2026-4424

reference_id

CVE-2026-4424

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://access.redhat.com/security/cve/CVE-2026-4424

reference_url

reference_id

RHSA-2026:10065

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:10097

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:11768

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:12071

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:12274

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:13812

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:14773

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:14937

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:15087

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:16008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:16009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:16030

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:16174

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:17596

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:19724

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:19725

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:20040

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:21690

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://access.redhat.com/errata/RHSA-2026:8492

reference_url

reference_id

RHSA-2026:8492

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://access.redhat.com/errata/RHSA-2026:8492

reference_url

reference_id

RHSA-2026:8510

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8517

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8521

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8534

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8864

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8865

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8866

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8867

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8873

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8908

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:8944

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:9026

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:9592

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

reference_url

reference_id

RHSA-2026:9832

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T17:07:05Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10350.json

reference_url	https://usn.ubuntu.com/8292-1/
reference_id	USN-8292-1
reference_type
scores
url	https://usn.ubuntu.com/8292-1/

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2026-4424

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b72d-fhvw-nqb2

url VCID-bb9k-aw7s-gqg9

vulnerability_id VCID-bb9k-aw7s-gqg9

summary The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10350.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10350

reference_id

reference_type

scores

value	0.00986
scoring_system	epss
scoring_elements	0.77184
published_at	2026-06-04T12:55:00Z

value	0.00986
scoring_system	epss
scoring_elements	0.77216
published_at	2026-06-05T12:55:00Z

value	0.00986
scoring_system	epss
scoring_elements	0.77205
published_at	2026-06-08T12:55:00Z

value	0.00986
scoring_system	epss
scoring_elements	0.77226
published_at	2026-06-09T12:55:00Z

value	0.00986
scoring_system	epss
scoring_elements	0.77214
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1449530
reference_id	1449530
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1449530

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861609
reference_id	861609
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861609

reference_url	https://security.gentoo.org/glsa/201710-19
reference_id	GLSA-201710-19
reference_type
scores
url	https://security.gentoo.org/glsa/201710-19

reference_url	https://usn.ubuntu.com/3736-1/
reference_id	USN-3736-1
reference_type
scores
url	https://usn.ubuntu.com/3736-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2016-10350

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bb9k-aw7s-gqg9

url VCID-cny6-pqmg-kba4

vulnerability_id VCID-cny6-pqmg-kba4

summary Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6250.json

reference_id

reference_type

scores

value	7.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6250.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6250

reference_id

reference_type

scores

value	0.02708
scoring_system	epss
scoring_elements	0.86179
published_at	2026-06-04T12:55:00Z

value	0.02708
scoring_system	epss
scoring_elements	0.862
published_at	2026-06-09T12:55:00Z

value	0.02708
scoring_system	epss
scoring_elements	0.86186
published_at	2026-06-08T12:55:00Z

value	0.02708
scoring_system	epss
scoring_elements	0.86203
published_at	2026-06-06T12:55:00Z

value	0.02708
scoring_system	epss
scoring_elements	0.86198
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5418
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5418

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6250
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7166

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1347085
reference_id	1347085
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1347085

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-6250

risk_score 3.5

exploitability 0.5

weighted_severity 7.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cny6-pqmg-kba4

url VCID-d7x6-bkm5-nbbb

vulnerability_id VCID-d7x6-bkm5-nbbb

summary libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5121.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5121.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-5121

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17663
published_at	2026-06-06T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17566
published_at	2026-06-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1755
published_at	2026-06-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1763
published_at	2026-06-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20269
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-5121

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5121
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5121

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133002
reference_id	1133002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133002

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2452945

reference_id

2452945

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2452945

reference_url

https://github.com/libarchive/libarchive/pull/2934

reference_id

2934

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

https://github.com/libarchive/libarchive/pull/2934

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.3::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
reference_id	cpe:/a:redhat:discovery:2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id	cpe:/a:redhat:hummingbird:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9
reference_id	cpe:/a:redhat:insights_proxy:1.5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id	cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb
reference_id	cpe:/a:redhat:rhel_eus:9.4::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
reference_id	cpe:/a:redhat:rhosemc:1.0::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9
reference_id	cpe:/a:redhat:rhui:5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2026-5121

reference_id

CVE-2026-5121

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

https://access.redhat.com/security/cve/CVE-2026-5121

reference_url

https://github.com/advisories/GHSA-2vwv-vqpv-v8vc

reference_id

GHSA-2vwv-vqpv-v8vc

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

https://github.com/advisories/GHSA-2vwv-vqpv-v8vc

reference_url

reference_id

RHSA-2026:10065

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:10097

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:11768

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:12071

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:12274

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:13812

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:14773

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:14937

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:15087

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:16008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:16009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:16030

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:16174

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:17596

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:19724

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:19725

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:20040

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:21690

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8510

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8517

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8521

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8534

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8864

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8866

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8867

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8873

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8908

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:8944

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:9026

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:9592

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

reference_url

reference_id

RHSA-2026:9832

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-31T03:55:34Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14166.json

reference_url	https://usn.ubuntu.com/8292-1/
reference_id	USN-8292-1
reference_type
scores
url	https://usn.ubuntu.com/8292-1/

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2026-5121

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7x6-bkm5-nbbb

url VCID-ds4r-cxqd-33c4

vulnerability_id VCID-ds4r-cxqd-33c4

summary libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14166.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14166

reference_id

reference_type

scores

value	0.0229
scoring_system	epss
scoring_elements	0.85005
published_at	2026-06-04T12:55:00Z

value	0.0229
scoring_system	epss
scoring_elements	0.85029
published_at	2026-06-05T12:55:00Z

value	0.0229
scoring_system	epss
scoring_elements	0.85018
published_at	2026-06-08T12:55:00Z

value	0.0229
scoring_system	epss
scoring_elements	0.85033
published_at	2026-06-09T12:55:00Z

value	0.0229
scoring_system	epss
scoring_elements	0.85028
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1489852
reference_id	1489852
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1489852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874539
reference_id	874539
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874539

reference_url	https://security.gentoo.org/glsa/201908-11
reference_id	GLSA-201908-11
reference_type
scores
url	https://security.gentoo.org/glsa/201908-11

reference_url	https://usn.ubuntu.com/3736-1/
reference_id	USN-3736-1
reference_type
scores
url	https://usn.ubuntu.com/3736-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2017-14166

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ds4r-cxqd-33c4

url VCID-eah1-4b6g-2ban

vulnerability_id VCID-eah1-4b6g-2ban

summary Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8687.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8687.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8687

reference_id

reference_type

scores

value	0.01379
scoring_system	epss
scoring_elements	0.80601
published_at	2026-06-04T12:55:00Z

value	0.01379
scoring_system	epss
scoring_elements	0.80642
published_at	2026-06-09T12:55:00Z

value	0.01379
scoring_system	epss
scoring_elements	0.80626
published_at	2026-06-07T12:55:00Z

value	0.01379
scoring_system	epss
scoring_elements	0.80623
published_at	2026-06-08T12:55:00Z

value	0.01379
scoring_system	epss
scoring_elements	0.80627
published_at	2026-06-05T12:55:00Z

value	0.01379
scoring_system	epss
scoring_elements	0.80629
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1377926
reference_id	1377926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1377926

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840936
reference_id	840936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840936

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-8687

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eah1-4b6g-2ban

url VCID-g4hd-5kt2-wuc1

vulnerability_id VCID-g4hd-5kt2-wuc1

summary An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14501.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14501.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14501

reference_id

reference_type

scores

value	0.00611
scoring_system	epss
scoring_elements	0.7019
published_at	2026-06-04T12:55:00Z

value	0.00611
scoring_system	epss
scoring_elements	0.70235
published_at	2026-06-09T12:55:00Z

value	0.00611
scoring_system	epss
scoring_elements	0.70224
published_at	2026-06-07T12:55:00Z

value	0.00611
scoring_system	epss
scoring_elements	0.70212
published_at	2026-06-08T12:55:00Z

value	0.00611
scoring_system	epss
scoring_elements	0.70233
published_at	2026-06-05T12:55:00Z

value	0.00611
scoring_system	epss
scoring_elements	0.70241
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1494460
reference_id	1494460
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1494460

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875966
reference_id	875966
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875966

reference_url	https://security.gentoo.org/glsa/201908-11
reference_id	GLSA-201908-11
reference_type
scores
url	https://security.gentoo.org/glsa/201908-11

reference_url	https://usn.ubuntu.com/3736-1/
reference_id	USN-3736-1
reference_type
scores
url	https://usn.ubuntu.com/3736-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2017-14501

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4hd-5kt2-wuc1

url VCID-g5gx-6cyn-wkda

vulnerability_id VCID-g5gx-6cyn-wkda

summary The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5418.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5418.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5418

reference_id

reference_type

scores

value	0.03788
scoring_system	epss
scoring_elements	0.88316
published_at	2026-06-09T12:55:00Z

value	0.03788
scoring_system	epss
scoring_elements	0.88301
published_at	2026-06-08T12:55:00Z

value	0.05224
scoring_system	epss
scoring_elements	0.90135
published_at	2026-06-05T12:55:00Z

value	0.05224
scoring_system	epss
scoring_elements	0.90134
published_at	2026-06-06T12:55:00Z

value	0.05224
scoring_system	epss
scoring_elements	0.90132
published_at	2026-06-07T12:55:00Z

value	0.05224
scoring_system	epss
scoring_elements	0.90119
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5418

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5418
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5418

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6250
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7166

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1362601
reference_id	1362601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1362601

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837714
reference_id	837714
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837714

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://access.redhat.com/errata/RHSA-2016:1850
reference_id	RHSA-2016:1850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1850

reference_url	https://access.redhat.com/errata/RHSA-2016:1852
reference_id	RHSA-2016:1852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1852

reference_url	https://access.redhat.com/errata/RHSA-2016:1853
reference_id	RHSA-2016:1853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1853

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-5418

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g5gx-6cyn-wkda

url VCID-gu6c-aam9-9bfs

vulnerability_id VCID-gu6c-aam9-9bfs

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000877.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000877.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000877

reference_id

reference_type

scores

value	0.01775
scoring_system	epss
scoring_elements	0.83045
published_at	2026-06-07T12:55:00Z

value	0.01775
scoring_system	epss
scoring_elements	0.83022
published_at	2026-06-04T12:55:00Z

value	0.01775
scoring_system	epss
scoring_elements	0.83037
published_at	2026-06-08T12:55:00Z

value	0.01775
scoring_system	epss
scoring_elements	0.83049
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1663887
reference_id	1663887
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1663887

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916964
reference_id	916964
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916964

reference_url	https://security.archlinux.org/ASA-201906-21
reference_id	ASA-201906-21
reference_type
scores
url	https://security.archlinux.org/ASA-201906-21

reference_url

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8915

reference_url	https://access.redhat.com/errata/RHSA-2019:2298
reference_id	RHSA-2019:2298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2298

reference_url	https://access.redhat.com/errata/RHSA-2019:3698
reference_id	RHSA-2019:3698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3698

reference_url	https://usn.ubuntu.com/3859-1/
reference_id	USN-3859-1
reference_type
scores
url	https://usn.ubuntu.com/3859-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2018-1000877

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu6c-aam9-9bfs

url VCID-gudt-ehk8-4uf4

vulnerability_id VCID-gudt-ehk8-4uf4

summary bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8915.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8915.json

reference_url

reference_id

reference_type

scores

value	0.00418
scoring_system	epss
scoring_elements	0.6217
published_at	2026-06-06T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.6216
published_at	2026-06-09T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.62162
published_at	2026-06-05T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.62113
published_at	2026-06-04T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.62158
published_at	2026-06-07T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.62143
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8915

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8915

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1216891
reference_id	1216891
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1216891

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784213
reference_id	784213
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784213

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8915

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gudt-ehk8-4uf4

url VCID-gue4-gwmq-cud9

vulnerability_id VCID-gue4-gwmq-cud9

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1000019.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1000019.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1000019

reference_id

reference_type

scores

value	0.01801
scoring_system	epss
scoring_elements	0.83135
published_at	2026-06-04T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.83162
published_at	2026-06-09T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.83156
published_at	2026-06-07T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.8315
published_at	2026-06-08T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.8316
published_at	2026-06-05T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.83161
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1000019

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1000019
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1000019

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1672892
reference_id	1672892
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1672892

reference_url	https://security.archlinux.org/ASA-201906-21
reference_id	ASA-201906-21
reference_type
scores
url	https://security.archlinux.org/ASA-201906-21

reference_url

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8923.json

reference_url	https://access.redhat.com/errata/RHSA-2019:2298
reference_id	RHSA-2019:2298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2298

reference_url	https://access.redhat.com/errata/RHSA-2019:3698
reference_id	RHSA-2019:3698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3698

reference_url	https://usn.ubuntu.com/3884-1/
reference_id	USN-3884-1
reference_type
scores
url	https://usn.ubuntu.com/3884-1/

fixed_packages

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2019-1000019

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gue4-gwmq-cud9

url VCID-her3-2ts6-tqcy

vulnerability_id VCID-her3-2ts6-tqcy

summary The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

references

reference_url

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8923.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8923

reference_id

reference_type

scores

value	0.02215
scoring_system	epss
scoring_elements	0.84781
published_at	2026-06-04T12:55:00Z

value	0.02215
scoring_system	epss
scoring_elements	0.84805
published_at	2026-06-05T12:55:00Z

value	0.02215
scoring_system	epss
scoring_elements	0.84809
published_at	2026-06-06T12:55:00Z

value	0.02215
scoring_system	epss
scoring_elements	0.84803
published_at	2026-06-07T12:55:00Z

value	0.02215
scoring_system	epss
scoring_elements	0.84792
published_at	2026-06-08T12:55:00Z

value	0.02215
scoring_system	epss
scoring_elements	0.84806
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348773
reference_id	1348773
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348773

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8923

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-her3-2ts6-tqcy

url VCID-hg9d-v158-mkc1

vulnerability_id VCID-hg9d-v158-mkc1

summary An error in the lha_read_file_header_1() function (archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5601.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5601.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5601

reference_id

reference_type

scores

value	0.00982
scoring_system	epss
scoring_elements	0.77129
published_at	2026-06-04T12:55:00Z

value	0.00982
scoring_system	epss
scoring_elements	0.77171
published_at	2026-06-09T12:55:00Z

value	0.00982
scoring_system	epss
scoring_elements	0.77159
published_at	2026-06-07T12:55:00Z

value	0.00982
scoring_system	epss
scoring_elements	0.77149
published_at	2026-06-08T12:55:00Z

value	0.00982
scoring_system	epss
scoring_elements	0.7716
published_at	2026-06-05T12:55:00Z

value	0.00982
scoring_system	epss
scoring_elements	0.7717
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1417912
reference_id	1417912
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1417912

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853278
reference_id	853278
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853278

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2017-5601

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hg9d-v158-mkc1

url VCID-hxfa-y27q-ebbd

vulnerability_id VCID-hxfa-y27q-ebbd

summary Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8931.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8931

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50498
published_at	2026-06-04T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50559
published_at	2026-06-05T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50567
published_at	2026-06-06T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50547
published_at	2026-06-07T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50517
published_at	2026-06-08T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50534
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348779
reference_id	1348779
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348779

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8931

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxfa-y27q-ebbd

url VCID-jpyc-ymx3-uuhh

vulnerability_id VCID-jpyc-ymx3-uuhh

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000879.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000879.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000879

reference_id

reference_type

scores

value	0.00689
scoring_system	epss
scoring_elements	0.72163
published_at	2026-06-04T12:55:00Z

value	0.00689
scoring_system	epss
scoring_elements	0.72203
published_at	2026-06-09T12:55:00Z

value	0.00689
scoring_system	epss
scoring_elements	0.7219
published_at	2026-06-07T12:55:00Z

value	0.00689
scoring_system	epss
scoring_elements	0.72177
published_at	2026-06-08T12:55:00Z

value	0.00689
scoring_system	epss
scoring_elements	0.72204
published_at	2026-06-05T12:55:00Z

value	0.00689
scoring_system	epss
scoring_elements	0.72211
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000879

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000879
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000879

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1663890
reference_id	1663890
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1663890

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916962
reference_id	916962
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916962

reference_url	https://security.archlinux.org/ASA-201906-21
reference_id	ASA-201906-21
reference_type
scores
url	https://security.archlinux.org/ASA-201906-21

reference_url

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000878.json

fixed_packages

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2018-1000879

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jpyc-ymx3-uuhh

url VCID-k2jw-vx9c-1bg3

vulnerability_id VCID-k2jw-vx9c-1bg3

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000878.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000878

reference_id

reference_type

scores

value	0.0171
scoring_system	epss
scoring_elements	0.82673
published_at	2026-06-04T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82703
published_at	2026-06-09T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82697
published_at	2026-06-07T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82691
published_at	2026-06-08T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82701
published_at	2026-06-05T12:55:00Z

value	0.0171
scoring_system	epss
scoring_elements	0.82699
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1663889
reference_id	1663889
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1663889

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916963
reference_id	916963
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916963

reference_url	https://security.archlinux.org/ASA-201906-21
reference_id	ASA-201906-21
reference_type
scores
url	https://security.archlinux.org/ASA-201906-21

reference_url

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5918.json

reference_url	https://access.redhat.com/errata/RHSA-2019:2298
reference_id	RHSA-2019:2298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2298

reference_url	https://access.redhat.com/errata/RHSA-2019:3698
reference_id	RHSA-2019:3698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3698

reference_url	https://usn.ubuntu.com/3859-1/
reference_id	USN-3859-1
reference_type
scores
url	https://usn.ubuntu.com/3859-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2018-1000878

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2jw-vx9c-1bg3

url VCID-k366-b845-abfj

vulnerability_id VCID-k366-b845-abfj

summary A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

references

reference_url

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5918.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5918

reference_id

reference_type

scores

value	0.00113
scoring_system	epss
scoring_elements	0.29499
published_at	2026-06-09T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29589
published_at	2026-06-05T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29551
published_at	2026-06-06T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29518
published_at	2026-06-07T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29486
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5918

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107624
reference_id	1107624
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107624

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2370877

reference_id

2370877

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:44:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2370877

reference_url

https://github.com/libarchive/libarchive/pull/2584

reference_id

2584

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:44:05Z/

url

https://github.com/libarchive/libarchive/pull/2584

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-5918

reference_id

CVE-2025-5918

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:44:05Z/

url

https://access.redhat.com/security/cve/CVE-2025-5918

reference_url	https://usn.ubuntu.com/8147-1/
reference_id	USN-8147-1
reference_type
scores
url	https://usn.ubuntu.com/8147-1/

reference_url

https://github.com/libarchive/libarchive/releases/tag/v3.8.0

reference_id

v3.8.0

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:44:05Z/

url

https://github.com/libarchive/libarchive/releases/tag/v3.8.0

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2025-5918

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k366-b845-abfj

url VCID-kgdg-2t87-e7by

vulnerability_id VCID-kgdg-2t87-e7by

summary The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8689.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8689.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8689

reference_id

reference_type

scores

value	0.01118
scoring_system	epss
scoring_elements	0.78563
published_at	2026-06-04T12:55:00Z

value	0.01118
scoring_system	epss
scoring_elements	0.78589
published_at	2026-06-05T12:55:00Z

value	0.01118
scoring_system	epss
scoring_elements	0.78597
published_at	2026-06-06T12:55:00Z

value	0.01118
scoring_system	epss
scoring_elements	0.78588
published_at	2026-06-07T12:55:00Z

value	0.01118
scoring_system	epss
scoring_elements	0.78576
published_at	2026-06-08T12:55:00Z

value	0.01118
scoring_system	epss
scoring_elements	0.78594
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8689

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1377925
reference_id	1377925
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1377925

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840934
reference_id	840934
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840934

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-8689

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgdg-2t87-e7by

url VCID-mag5-4n4u-37en

vulnerability_id VCID-mag5-4n4u-37en

summary bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8916.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8916.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8916

reference_id

reference_type

scores

value	0.00973
scoring_system	epss
scoring_elements	0.77011
published_at	2026-06-04T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.77044
published_at	2026-06-05T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.77053
published_at	2026-06-06T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.77041
published_at	2026-06-07T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.77031
published_at	2026-06-08T12:55:00Z

value	0.00973
scoring_system	epss
scoring_elements	0.77052
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348412
reference_id	1348412
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348412

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8916

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mag5-4n4u-37en

url VCID-mtev-kqrn-hybv

vulnerability_id VCID-mtev-kqrn-hybv

summary The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8688.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8688.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8688

reference_id

reference_type

scores

value	0.00226
scoring_system	epss
scoring_elements	0.45439
published_at	2026-06-04T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45508
published_at	2026-06-05T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45511
published_at	2026-06-06T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45491
published_at	2026-06-07T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45466
published_at	2026-06-08T12:55:00Z

value	0.00226
scoring_system	epss
scoring_elements	0.45479
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8688

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1377923
reference_id	1377923
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1377923

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840935
reference_id	840935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840935

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://usn.ubuntu.com/3225-1/
reference_id	USN-3225-1
reference_type
scores
url	https://usn.ubuntu.com/3225-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-8688

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtev-kqrn-hybv

url VCID-n336-t2eq-e3cs

vulnerability_id VCID-n336-t2eq-e3cs

summary The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8926.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8926.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8926

reference_id

reference_type

scores

value	0.00409
scoring_system	epss
scoring_elements	0.61598
published_at	2026-06-04T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61646
published_at	2026-06-05T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61653
published_at	2026-06-06T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61642
published_at	2026-06-07T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61626
published_at	2026-06-08T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61644
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348424
reference_id	1348424
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348424

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8926

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n336-t2eq-e3cs

url VCID-n352-9wrh-rqgc

vulnerability_id VCID-n352-9wrh-rqgc

summary The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted zip file, related to reading the password.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8927.json

reference_id

reference_type

scores

value	3.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8927.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8927

reference_id

reference_type

scores

value	0.00222
scoring_system	epss
scoring_elements	0.44851
published_at	2026-06-04T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.4492
published_at	2026-06-05T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44927
published_at	2026-06-06T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44906
published_at	2026-06-07T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44877
published_at	2026-06-08T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44888
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8927

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348426
reference_id	1348426
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348426

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8927

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n352-9wrh-rqgc

url VCID-n56c-gd3f-1ba1

vulnerability_id VCID-n56c-gd3f-1ba1

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000880.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000880.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000880

reference_id

reference_type

scores

value	0.00537
scoring_system	epss
scoring_elements	0.67859
published_at	2026-06-04T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67897
published_at	2026-06-09T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67895
published_at	2026-06-07T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67882
published_at	2026-06-08T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67898
published_at	2026-06-05T12:55:00Z

value	0.00537
scoring_system	epss
scoring_elements	0.67905
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000880

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1663892
reference_id	1663892
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1663892

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916960
reference_id	916960
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916960

reference_url	https://security.archlinux.org/ASA-201906-21
reference_id	ASA-201906-21
reference_type
scores
url	https://security.archlinux.org/ASA-201906-21

reference_url

reference_id

AVG-837

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26280.json

reference_url	https://usn.ubuntu.com/3859-1/
reference_id	USN-3859-1
reference_type
scores
url	https://usn.ubuntu.com/3859-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2018-1000880

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n56c-gd3f-1ba1

url VCID-nrdr-yd3k-sybt

vulnerability_id VCID-nrdr-yd3k-sybt

summary

Out-of-bounds Read
Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26280.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26280

reference_id

reference_type

scores

value	0.00122
scoring_system	epss
scoring_elements	0.30874
published_at	2026-06-04T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30941
published_at	2026-06-05T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30909
published_at	2026-06-06T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30875
published_at	2026-06-07T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30843
published_at	2026-06-08T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30862
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26280

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26280
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26280

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/libarchive/libarchive/issues/1672
reference_id
reference_type
scores
url	https://github.com/libarchive/libarchive/issues/1672

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008953
reference_id	1008953
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008953

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2071931
reference_id	2071931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2071931

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-26280
reference_id	CVE-2022-26280
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-26280

reference_url	https://security.gentoo.org/glsa/202208-26
reference_id	GLSA-202208-26
reference_type
scores
url	https://security.gentoo.org/glsa/202208-26

reference_url	https://access.redhat.com/errata/RHSA-2022:5252
reference_id	RHSA-2022:5252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5252

reference_url	https://usn.ubuntu.com/5374-1/
reference_id	USN-5374-1
reference_type
scores
url	https://usn.ubuntu.com/5374-1/

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2022-26280

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrdr-yd3k-sybt

url VCID-ntqh-jfsf-a7hy

vulnerability_id VCID-ntqh-jfsf-a7hy

summary The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8932.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8932

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.68712
published_at	2026-06-04T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68752
published_at	2026-06-07T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68756
published_at	2026-06-09T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6876
published_at	2026-06-06T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68736
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348780
reference_id	1348780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348780

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://access.redhat.com/errata/RHSA-2016:1850
reference_id	RHSA-2016:1850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1850

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8932

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntqh-jfsf-a7hy

url VCID-pbqy-fdhh-83ea

vulnerability_id VCID-pbqy-fdhh-83ea

summary libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14503.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14503.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14503

reference_id

reference_type

scores

value	0.00662
scoring_system	epss
scoring_elements	0.71552
published_at	2026-06-04T12:55:00Z

value	0.00662
scoring_system	epss
scoring_elements	0.71583
published_at	2026-06-09T12:55:00Z

value	0.00662
scoring_system	epss
scoring_elements	0.71578
published_at	2026-06-07T12:55:00Z

value	0.00662
scoring_system	epss
scoring_elements	0.71563
published_at	2026-06-08T12:55:00Z

value	0.00662
scoring_system	epss
scoring_elements	0.71596
published_at	2026-06-05T12:55:00Z

value	0.00662
scoring_system	epss
scoring_elements	0.71602
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1494449
reference_id	1494449
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1494449

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875960
reference_id	875960
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875960

reference_url	https://security.gentoo.org/glsa/201908-11
reference_id	GLSA-201908-11
reference_type
scores
url	https://security.gentoo.org/glsa/201908-11

reference_url	https://access.redhat.com/errata/RHSA-2019:2298
reference_id	RHSA-2019:2298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2298

reference_url	https://access.redhat.com/errata/RHSA-2019:3698
reference_id	RHSA-2019:3698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3698

reference_url	https://usn.ubuntu.com/3736-1/
reference_id	USN-3736-1
reference_type
scores
url	https://usn.ubuntu.com/3736-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2017-14503

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbqy-fdhh-83ea

url VCID-pusd-k7nk-tbfc

vulnerability_id VCID-pusd-k7nk-tbfc

summary The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8924.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8924.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8924

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.55854
published_at	2026-06-04T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.5591
published_at	2026-06-05T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55917
published_at	2026-06-06T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55904
published_at	2026-06-07T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55887
published_at	2026-06-08T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55908
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348421
reference_id	1348421
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348421

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8924

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pusd-k7nk-tbfc

url VCID-qbww-6cd7-gyb8

vulnerability_id VCID-qbww-6cd7-gyb8

summary read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14502.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14502.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14502

reference_id

reference_type

scores

value	0.01191
scoring_system	epss
scoring_elements	0.79181
published_at	2026-06-04T12:55:00Z

value	0.01191
scoring_system	epss
scoring_elements	0.79193
published_at	2026-06-08T12:55:00Z

value	0.01191
scoring_system	epss
scoring_elements	0.79212
published_at	2026-06-09T12:55:00Z

value	0.01191
scoring_system	epss
scoring_elements	0.79204
published_at	2026-06-07T12:55:00Z

value	0.01191
scoring_system	epss
scoring_elements	0.79207
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1494463
reference_id	1494463
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1494463

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875974
reference_id	875974
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875974

reference_url	https://security.gentoo.org/glsa/201908-11
reference_id	GLSA-201908-11
reference_type
scores
url	https://security.gentoo.org/glsa/201908-11

reference_url	https://usn.ubuntu.com/3859-1/
reference_id	USN-3859-1
reference_type
scores
url	https://usn.ubuntu.com/3859-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2017-14502

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbww-6cd7-gyb8

url VCID-qcu6-e115-mfh5

vulnerability_id VCID-qcu6-e115-mfh5

summary Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8933.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8933.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8933

reference_id

reference_type

scores

value	0.00311
scoring_system	epss
scoring_elements	0.54513
published_at	2026-06-04T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.54571
published_at	2026-06-05T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.5455
published_at	2026-06-08T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.5458
published_at	2026-06-06T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.54572
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348781
reference_id	1348781
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348781

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8933

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcu6-e115-mfh5

url VCID-qfaz-th5k-u3f3

vulnerability_id VCID-qfaz-th5k-u3f3

summary libarchive: libarchive: Denial of Service via malformed ISO file processing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4426.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4426.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4426

reference_id

reference_type

scores

value	0.00185
scoring_system	epss
scoring_elements	0.40057
published_at	2026-06-09T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40093
published_at	2026-06-05T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40096
published_at	2026-06-06T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40068
published_at	2026-06-07T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.4004
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4426

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131444
reference_id	1131444
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131444

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2449010

reference_id

2449010

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:19:10Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2449010

reference_url

https://github.com/libarchive/libarchive/pull/2897

reference_id

2897

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:19:10Z/

url

https://github.com/libarchive/libarchive/pull/2897

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id	cpe:/a:redhat:hummingbird:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2026-4426

reference_id

CVE-2026-4426

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:19:10Z/

url

https://access.redhat.com/security/cve/CVE-2026-4426

reference_url

reference_id

RHSA-2026:8944

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:19:10Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23177.json

reference_url	https://usn.ubuntu.com/8292-1/
reference_id	USN-8292-1
reference_type
scores
url	https://usn.ubuntu.com/8292-1/

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2026-4426

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qfaz-th5k-u3f3

url VCID-tmbf-p5xx-nfak

vulnerability_id VCID-tmbf-p5xx-nfak

summary An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.

references

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23177

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.1305
published_at	2026-06-04T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13129
published_at	2026-06-05T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13132
published_at	2026-06-06T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13092
published_at	2026-06-07T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13004
published_at	2026-06-08T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13035
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23177

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/libarchive/libarchive/commit/fba4f123cc456d2b2538f811bb831483bf336bad
reference_id
reference_type
scores
url	https://github.com/libarchive/libarchive/commit/fba4f123cc456d2b2538f811bb831483bf336bad

reference_url	https://github.com/libarchive/libarchive/issues/1565
reference_id
reference_type
scores
url	https://github.com/libarchive/libarchive/issues/1565

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001986
reference_id	1001986
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001986

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2024245
reference_id	2024245
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2024245

reference_url	https://access.redhat.com/security/cve/CVE-2021-23177
reference_id	CVE-2021-23177
reference_type
scores
url	https://access.redhat.com/security/cve/CVE-2021-23177

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-23177
reference_id	CVE-2021-23177
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-23177

reference_url	https://access.redhat.com/errata/RHSA-2022:0892
reference_id	RHSA-2022:0892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0892

reference_url	https://usn.ubuntu.com/5291-1/
reference_id	USN-5291-1
reference_type
scores
url	https://usn.ubuntu.com/5291-1/

fixed_packages

url pkg:deb/debian/libarchive@3.4.3-2%2Bdeb11u1

purl pkg:deb/debian/libarchive@3.4.3-2%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-evkf-vrqz-kkca

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.4.3-2%252Bdeb11u1

aliases CVE-2021-23177

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmbf-p5xx-nfak

url VCID-vsfx-3gzq-1qhv

vulnerability_id VCID-vsfx-3gzq-1qhv

summary The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8920.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8920.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8920

reference_id

reference_type

scores

value	0.00557
scoring_system	epss
scoring_elements	0.68546
published_at	2026-06-04T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68588
published_at	2026-06-05T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68596
published_at	2026-06-06T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68589
published_at	2026-06-07T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68574
published_at	2026-06-08T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68592
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348416
reference_id	1348416
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348416

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://access.redhat.com/errata/RHSA-2016:1850
reference_id	RHSA-2016:1850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1850

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8920

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsfx-3gzq-1qhv

url VCID-wqbs-kff4-1qc3

vulnerability_id VCID-wqbs-kff4-1qc3

summary The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8921.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8921.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8921

reference_id

reference_type

scores

value	0.04252
scoring_system	epss
scoring_elements	0.88994
published_at	2026-06-04T12:55:00Z

value	0.04252
scoring_system	epss
scoring_elements	0.89011
published_at	2026-06-05T12:55:00Z

value	0.04252
scoring_system	epss
scoring_elements	0.89012
published_at	2026-06-08T12:55:00Z

value	0.04252
scoring_system	epss
scoring_elements	0.89028
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348772
reference_id	1348772
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348772

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://access.redhat.com/errata/RHSA-2016:1850
reference_id	RHSA-2016:1850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1850

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8921

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqbs-kff4-1qc3

url VCID-wwkh-5ser-f7hq

vulnerability_id VCID-wwkh-5ser-f7hq

summary bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8917.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8917.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8917

reference_id

reference_type

scores

value	0.05663
scoring_system	epss
scoring_elements	0.90536
published_at	2026-06-04T12:55:00Z

value	0.05663
scoring_system	epss
scoring_elements	0.9055
published_at	2026-06-05T12:55:00Z

value	0.05663
scoring_system	epss
scoring_elements	0.90551
published_at	2026-06-06T12:55:00Z

value	0.05663
scoring_system	epss
scoring_elements	0.90548
published_at	2026-06-07T12:55:00Z

value	0.05663
scoring_system	epss
scoring_elements	0.90547
published_at	2026-06-08T12:55:00Z

value	0.05663
scoring_system	epss
scoring_elements	0.90564
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348413
reference_id	1348413
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348413

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8917

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwkh-5ser-f7hq

url VCID-x436-na6m-ubd9

vulnerability_id VCID-x436-na6m-ubd9

summary Windows libarchive Remote Code Execution Vulnerability

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20696.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20696.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20696

reference_id

reference_type

scores

value	0.07709
scoring_system	epss
scoring_elements	0.9209
published_at	2026-06-09T12:55:00Z

value	0.07709
scoring_system	epss
scoring_elements	0.92077
published_at	2026-06-06T12:55:00Z

value	0.07709
scoring_system	epss
scoring_elements	0.92075
published_at	2026-06-07T12:55:00Z

value	0.07709
scoring_system	epss
scoring_elements	0.92076
published_at	2026-06-08T12:55:00Z

value	0.07709
scoring_system	epss
scoring_elements	0.9208
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20696

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20696
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20696

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086155
reference_id	1086155
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086155

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2290448
reference_id	2290448
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2290448

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696

reference_id

CVE-2024-20696

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-10T18:52:38Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696

reference_url	https://usn.ubuntu.com/7087-1/
reference_id	USN-7087-1
reference_type
scores
url	https://usn.ubuntu.com/7087-1/

reference_url	https://usn.ubuntu.com/8147-1/
reference_id	USN-8147-1
reference_type
scores
url	https://usn.ubuntu.com/8147-1/

fixed_packages

url pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

purl pkg:deb/debian/libarchive@3.6.2-1%2Bdeb12u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pp8-5uev-z7b4

vulnerability	VCID-9uqp-6xsc-g7c1

vulnerability	VCID-evkf-vrqz-kkca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.6.2-1%252Bdeb12u4

aliases CVE-2024-20696

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x436-na6m-ubd9

url VCID-xw2b-7t64-z3bm

vulnerability_id VCID-xw2b-7t64-z3bm

summary Integer overflow in the read_SubStreamsInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a 7zip file with a large number of substreams, which triggers a heap-based buffer overflow.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4300.json

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4300.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4300

reference_id

reference_type

scores

value	0.01105
scoring_system	epss
scoring_elements	0.78425
published_at	2026-06-04T12:55:00Z

value	0.01105
scoring_system	epss
scoring_elements	0.78453
published_at	2026-06-05T12:55:00Z

value	0.01105
scoring_system	epss
scoring_elements	0.78461
published_at	2026-06-06T12:55:00Z

value	0.01105
scoring_system	epss
scoring_elements	0.78451
published_at	2026-06-07T12:55:00Z

value	0.01105
scoring_system	epss
scoring_elements	0.78439
published_at	2026-06-08T12:55:00Z

value	0.01105
scoring_system	epss
scoring_elements	0.78457
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348439
reference_id	1348439
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348439

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2016-4300

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw2b-7t64-z3bm

url VCID-xybq-93sp-qker

vulnerability_id VCID-xybq-93sp-qker

summary The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8925.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8925.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8925

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66584
published_at	2026-06-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66624
published_at	2026-06-05T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66631
published_at	2026-06-06T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66617
published_at	2026-06-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66602
published_at	2026-06-08T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66619
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348423
reference_id	1348423
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348423

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8925

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xybq-93sp-qker

url VCID-y61v-j3s4-qycm

vulnerability_id VCID-y61v-j3s4-qycm

summary The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10209.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10209.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10209

reference_id

reference_type

scores

value	0.00796
scoring_system	epss
scoring_elements	0.74336
published_at	2026-06-04T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74369
published_at	2026-06-05T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74374
published_at	2026-06-06T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74362
published_at	2026-06-07T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74344
published_at	2026-06-08T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.7437
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1439703
reference_id	1439703
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1439703

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859456
reference_id	859456
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859456

reference_url	https://usn.ubuntu.com/3736-1/
reference_id	USN-3736-1
reference_type
scores
url	https://usn.ubuntu.com/3736-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

url pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

purl pkg:deb/debian/libarchive@3.3.3-4%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.3.3-4%252Bdeb10u1

aliases CVE-2016-10209

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y61v-j3s4-qycm

url VCID-y7z2-cxzp-6fbz

vulnerability_id VCID-y7z2-cxzp-6fbz

summary The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8922.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8922.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8922

reference_id

reference_type

scores

value	0.00385
scoring_system	epss
scoring_elements	0.60045
published_at	2026-06-04T12:55:00Z

value	0.00385
scoring_system	epss
scoring_elements	0.60092
published_at	2026-06-05T12:55:00Z

value	0.00385
scoring_system	epss
scoring_elements	0.60095
published_at	2026-06-06T12:55:00Z

value	0.00385
scoring_system	epss
scoring_elements	0.60083
published_at	2026-06-07T12:55:00Z

value	0.00385
scoring_system	epss
scoring_elements	0.60066
published_at	2026-06-08T12:55:00Z

value	0.00385
scoring_system	epss
scoring_elements	0.60084
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8923

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8924

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348419
reference_id	1348419
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348419

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

reference_url	https://access.redhat.com/errata/RHSA-2016:1844
reference_id	RHSA-2016:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1844

reference_url	https://usn.ubuntu.com/3033-1/
reference_id	USN-3033-1
reference_type
scores
url	https://usn.ubuntu.com/3033-1/

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8922

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7z2-cxzp-6fbz

url VCID-yn2q-9svn-vucq

vulnerability_id VCID-yn2q-9svn-vucq

summary Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8929.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8929.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8929

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48865
published_at	2026-06-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48927
published_at	2026-06-05T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48935
published_at	2026-06-06T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48917
published_at	2026-06-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48887
published_at	2026-06-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48901
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8929

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8929
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8929

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1348771
reference_id	1348771
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1348771

reference_url	https://security.gentoo.org/glsa/201701-03
reference_id	GLSA-201701-03
reference_type
scores
url	https://security.gentoo.org/glsa/201701-03

fixed_packages

url pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

purl pkg:deb/debian/libarchive@3.2.2-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zjd-nfwk-1bhy

vulnerability	VCID-24dh-btpb-7yg5

vulnerability	VCID-2jra-hgx1-akc2

vulnerability	VCID-2kce-56xs-abaz

vulnerability	VCID-37wa-xumu-bber

vulnerability	VCID-3e6j-4j26-auhz

vulnerability	VCID-3tqx-5ms2-akg3

vulnerability	VCID-4t89-41bc-3ba8

vulnerability	VCID-6fu1-u451-13bk

vulnerability	VCID-b72d-fhvw-nqb2

vulnerability	VCID-bb9k-aw7s-gqg9

vulnerability	VCID-d7x6-bkm5-nbbb

vulnerability	VCID-ds4r-cxqd-33c4

vulnerability	VCID-g4hd-5kt2-wuc1

vulnerability	VCID-gu6c-aam9-9bfs

vulnerability	VCID-gue4-gwmq-cud9

vulnerability	VCID-jpyc-ymx3-uuhh

vulnerability	VCID-k2jw-vx9c-1bg3

vulnerability	VCID-k366-b845-abfj

vulnerability	VCID-n56c-gd3f-1ba1

vulnerability	VCID-nrdr-yd3k-sybt

vulnerability	VCID-pbqy-fdhh-83ea

vulnerability	VCID-qbww-6cd7-gyb8

vulnerability	VCID-qfaz-th5k-u3f3

vulnerability	VCID-tmbf-p5xx-nfak

vulnerability	VCID-x436-na6m-ubd9

vulnerability	VCID-y61v-j3s4-qycm

vulnerability	VCID-yr95-zhhd-sfet

vulnerability	VCID-zd9y-zkbr-dubv

vulnerability	VCID-zgpe-j255-5yct

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libarchive@3.2.2-2%252Bdeb9u2

aliases CVE-2015-8929

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yn2q-9svn-vucq

url VCID-yr95-zhhd-sfet

vulnerability_id VCID-yr95-zhhd-sfet

summary libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4111.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4111.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-4111

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11287
published_at	2026-06-09T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11394
published_at	2026-06-05T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.1139
published_at	2026-06-06T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11355
published_at	2026-06-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11272
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-4111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4111

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130753
reference_id	1130753
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130753

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2446453

reference_id

2446453

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2446453

reference_url

https://github.com/libarchive/libarchive/pull/2877

reference_id

2877

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://github.com/libarchive/libarchive/pull/2877

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.3::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.3::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
reference_id	cpe:/a:redhat:discovery:2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id	cpe:/a:redhat:hummingbird:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9
reference_id	cpe:/a:redhat:insights_proxy:1.5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id	cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb
reference_id	cpe:/a:redhat:rhel_eus:9.4::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9
reference_id	cpe:/a:redhat:rhui:5::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2026-4111

reference_id

CVE-2026-4111

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/security/cve/CVE-2026-4111

reference_url

reference_id

RHSA-2026:10065

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:10081

reference_url

reference_id

RHSA-2026:10081

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:10081

reference_url

reference_id

RHSA-2026:10097

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:14773

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:15087

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:16008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:16009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:16174

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:17596

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:5063

reference_url

reference_id

RHSA-2026:5063

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:5063

reference_url

https://access.redhat.com/errata/RHSA-2026:5080

reference_id

RHSA-2026:5080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:5080

reference_url

https://access.redhat.com/errata/RHSA-2026:6647

reference_id

RHSA-2026:6647

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:6647

reference_url

https://access.redhat.com/errata/RHSA-2026:7093

reference_id

RHSA-2026:7093

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7093

reference_url

https://access.redhat.com/errata/RHSA-2026:7105

reference_id

RHSA-2026:7105

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7105

reference_url

https://access.redhat.com/errata/RHSA-2026:7106

reference_id

RHSA-2026:7106

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7106

reference_url

https://access.redhat.com/errata/RHSA-2026:7239

reference_id

RHSA-2026:7239

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7239

reference_url

https://access.redhat.com/errata/RHSA-2026:7329

reference_id

RHSA-2026:7329

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7329

reference_url

https://access.redhat.com/errata/RHSA-2026:7335

reference_id

RHSA-2026:7335

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:7335

reference_url

https://access.redhat.com/errata/RHSA-2026:8423

reference_id

RHSA-2026:8423

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:8423

reference_url

https://access.redhat.com/errata/RHSA-2026:8746

reference_id

RHSA-2026:8746

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:8746

reference_url

https://access.redhat.com/errata/RHSA-2026:8747

reference_id

RHSA-2026:8747

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:8747

reference_url

https://access.redhat.com/errata/RHSA-2026:8748

reference_id

RHSA-2026:8748

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

https://access.redhat.com/errata/RHSA-2026:8748

reference_url

reference_id

RHSA-2026:8865

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:8944

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url

reference_url

reference_id

RHSA-2026:9832

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T13:36:13Z/

url