Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/546727?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/546727?format=api", "purl": "pkg:deb/debian/slirp4netns@0.2.3-1", "type": "deb", "namespace": "debian", "name": "slirp4netns", "version": "0.2.3-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.0.1-2", "latest_non_vulnerable_version": "1.0.1-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/99391?format=api", "vulnerability_id": "VCID-b1hv-493k-bubn", "summary": "ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.91244", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.91257", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.91265", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.91254", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.9125", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734745", "reference_id": "1734745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734745" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741", "reference_id": "933741", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742", "reference_id": "933742", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742" }, { "reference_url": "https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c", "reference_id": "CVE-2019-14378", "reference_type": "exploit", "scores": [], "url": "https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c", "reference_id": "CVE-2019-14378", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3179", "reference_id": "RHSA-2019:3179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3403", "reference_id": "RHSA-2019:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3494", "reference_id": "RHSA-2019:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3742", "reference_id": "RHSA-2019:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3787", "reference_id": "RHSA-2019:3787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3968", "reference_id": "RHSA-2019:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4344", "reference_id": "RHSA-2019:4344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0366", "reference_id": "RHSA-2020:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0775", "reference_id": "RHSA-2020:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1216", "reference_id": "RHSA-2020:1216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2065", "reference_id": "RHSA-2020:2065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2126", "reference_id": "RHSA-2020:2126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2342", "reference_id": "RHSA-2020:2342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2342" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2019-14378" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1hv-493k-bubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77306?format=api", "vulnerability_id": "VCID-csj1-3zyn-3fbb", "summary": "An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07791", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07823", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07836", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07809", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07762", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07778", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835986", "reference_id": "1835986", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3586", "reference_id": "RHSA-2020:3586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4059", "reference_id": "RHSA-2020:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4694", "reference_id": "RHSA-2020:4694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4694" }, { "reference_url": "https://usn.ubuntu.com/4437-1/", "reference_id": "USN-4437-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4437-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2020-10756" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csj1-3zyn-3fbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77312?format=api", "vulnerability_id": "VCID-qy9w-um9k-5uds", "summary": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81474", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81502", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81512", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81504", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81496", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798453", "reference_id": "1798453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798453" }, { "reference_url": "https://security.gentoo.org/glsa/202003-66", "reference_id": "GLSA-202003-66", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-66" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1208", "reference_id": "RHSA-2020:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1209", "reference_id": "RHSA-2020:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1261", "reference_id": "RHSA-2020:1261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1292", "reference_id": "RHSA-2020:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1300", "reference_id": "RHSA-2020:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1351", "reference_id": "RHSA-2020:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1352", "reference_id": "RHSA-2020:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1379", "reference_id": "RHSA-2020:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1379" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1403", "reference_id": "RHSA-2020:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2342", "reference_id": "RHSA-2020:2342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2730", "reference_id": "RHSA-2020:2730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2773", "reference_id": "RHSA-2020:2773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2774", "reference_id": "RHSA-2020:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2844", "reference_id": "RHSA-2020:2844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3040", "reference_id": "RHSA-2020:3040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3040" }, { "reference_url": "https://usn.ubuntu.com/4283-1/", "reference_id": "USN-4283-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4283-1/" }, { "reference_url": "https://usn.ubuntu.com/4632-1/", "reference_id": "USN-4632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4632-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2020-8608" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qy9w-um9k-5uds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/99403?format=api", "vulnerability_id": "VCID-r5b7-gs2f-zqh6", "summary": "tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27268", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27337", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27286", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27246", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27197", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27207", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18849" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19489" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678515", "reference_id": "1678515", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678515" }, { "reference_url": "https://security.gentoo.org/glsa/201904-25", "reference_id": "GLSA-201904-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1650", "reference_id": "RHSA-2019:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2078", "reference_id": "RHSA-2019:2078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2425", "reference_id": "RHSA-2019:2425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2553", "reference_id": "RHSA-2019:2553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3345", "reference_id": "RHSA-2019:3345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3345" }, { "reference_url": "https://usn.ubuntu.com/3978-1/", "reference_id": "USN-3978-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3978-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2019-9824" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r5b7-gs2f-zqh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77307?format=api", "vulnerability_id": "VCID-x8ab-8wpx-gkaj", "summary": "A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35037", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35133", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35148", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3511", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35074", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35095", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829825", "reference_id": "1829825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3053", "reference_id": "RHSA-2020:3053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4079", "reference_id": "RHSA-2020:4079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4290", "reference_id": "RHSA-2020:4290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0346", "reference_id": "RHSA-2021:0346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0459", "reference_id": "RHSA-2021:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0934", "reference_id": "RHSA-2021:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0934" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2020-1983" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ab-8wpx-gkaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/99393?format=api", "vulnerability_id": "VCID-xqrr-tfjr-6fch", "summary": "libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.69145", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.69185", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.69189", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.69194", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.6917", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749716", "reference_id": "1749716", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749716" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868", "reference_id": "939868", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869", "reference_id": "939869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0348", "reference_id": "RHSA-2020:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0775", "reference_id": "RHSA-2020:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/546728?format=api", "purl": "pkg:deb/debian/slirp4netns@1.0.1-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@1.0.1-2" } ], "aliases": [ "CVE-2019-15890" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqrr-tfjr-6fch" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/slirp4netns@0.2.3-1" }