{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","type":"deb","namespace":"debian","name":"389-ds-base","version":"1.4.4.11-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.1.2+vendor1-2","latest_non_vulnerable_version":"3.1.2+vendor1-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75506?format=json","vulnerability_id":"VCID-4tdy-umt6-4ubr","summary":"389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2199.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2199","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25383","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25439","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.2543","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27125","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26953","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27021","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27067","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27025","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26969","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26978","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26952","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27161","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2199"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072531","reference_id":"1072531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267976","reference_id":"2267976","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267976"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8","reference_id":"cpe:/a:redhat:directory_server:11.8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8","reference_id":"cpe:/a:redhat:directory_server:11.9::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9","reference_id":"cpe:/a:redhat:directory_server:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-2199","reference_id":"CVE-2024-2199","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-2199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3591","reference_id":"RHSA-2024:3591","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3837","reference_id":"RHSA-2024:3837","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4092","reference_id":"RHSA-2024:4092","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4209","reference_id":"RHSA-2024:4209","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4210","reference_id":"RHSA-2024:4210","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4235","reference_id":"RHSA-2024:4235","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4633","reference_id":"RHSA-2024:4633","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5690","reference_id":"RHSA-2024:5690","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1632","reference_id":"RHSA-2025:1632","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:52:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2024-2199"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4tdy-umt6-4ubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79388?format=json","vulnerability_id":"VCID-63rm-mq1r-5fbz","summary":"389-ds-base: access control bypass by query (filter in LDAP terms) optimiser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1949.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1949.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1949","reference_id":"","reference_type":"","scores":[{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69109","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69118","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69098","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69148","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69156","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.7148","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71427","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71435","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71453","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71468","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1949"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016446","reference_id":"1016446","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016446"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2091781","reference_id":"2091781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2091781"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2022-1949"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63rm-mq1r-5fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74971?format=json","vulnerability_id":"VCID-6f2q-qatg-kucr","summary":"389-ds-base: unauthenticated user can trigger a DoS by sending a specific extended search request","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6237.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6237","reference_id":"","reference_type":"","scores":[{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74286","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74313","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74319","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74334","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74335","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00816","scoring_system":"epss","scoring_elements":"0.74364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.77713","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.77707","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.77738","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.77747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01064","scoring_system":"epss","scoring_elements":"0.77762","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293579","reference_id":"2293579","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:16:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293579"},{"reference_url":"https://github.com/389ds/389-ds-base/issues/5989","reference_id":"5989","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:16:20Z/"}],"url":"https://github.com/389ds/389-ds-base/issues/5989"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11","reference_id":"cpe:/a:redhat:directory_server:11","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9","reference_id":"cpe:/a:redhat:directory_server:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-6237","reference_id":"CVE-2024-6237","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:16:20Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-6237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4997","reference_id":"RHSA-2024:4997","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:16:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5192","reference_id":"RHSA-2024:5192","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:16:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5192"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584395?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pqe1-ewjj-uqbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1"}],"aliases":["CVE-2024-6237"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6f2q-qatg-kucr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79580?format=json","vulnerability_id":"VCID-77rw-db6h-hya9","summary":"389-ds-base: sending crafted message could result in DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0918.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0918","reference_id":"","reference_type":"","scores":[{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92295","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92302","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92308","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92311","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92322","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92327","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92332","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92334","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08412","scoring_system":"epss","scoring_elements":"0.92333","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08793","scoring_system":"epss","scoring_elements":"0.92536","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08793","scoring_system":"epss","scoring_elements":"0.92537","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08793","scoring_system":"epss","scoring_elements":"0.92538","published_at":"2026-04-24T12:55:00Z"},{"value":"0.08793","scoring_system":"epss","scoring_elements":"0.92539","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0946","scoring_system":"epss","scoring_elements":"0.92824","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0918"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016445","reference_id":"1016445","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016445"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2055815","reference_id":"2055815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2055815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2210","reference_id":"RHSA-2022:2210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5239","reference_id":"RHSA-2022:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5620","reference_id":"RHSA-2022:5620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5823","reference_id":"RHSA-2022:5823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8162","reference_id":"RHSA-2022:8162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8976","reference_id":"RHSA-2022:8976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2022-0918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-77rw-db6h-hya9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78632?format=json","vulnerability_id":"VCID-bpw5-xeju-93f3","summary":"RHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1055.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1055.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1055","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19886","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19536","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19586","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19573","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1967","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1975","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19806","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19761","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19704","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1968","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19682","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19695","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1055"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034891","reference_id":"1034891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173517","reference_id":"2173517","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173517"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/","reference_id":"MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T14:02:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3489","reference_id":"RHSA-2023:3489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4655","reference_id":"RHSA-2023:4655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4655"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0","reference_id":"show_bug.cgi?id=2173517#c0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T14:02:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584395?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pqe1-ewjj-uqbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1"}],"aliases":["CVE-2023-1055"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpw5-xeju-93f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79721?format=json","vulnerability_id":"VCID-hjvf-3mm8-xfhq","summary":"389-ds-base: double free of the virtual attribute context in persistent search","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4091.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4091.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4091","reference_id":"","reference_type":"","scores":[{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56903","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.569","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56877","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56816","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56853","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56905","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56917","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56896","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56874","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56813","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4091"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030307","reference_id":"2030307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2030307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0628","reference_id":"RHSA-2022:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0889","reference_id":"RHSA-2022:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0952","reference_id":"RHSA-2022:0952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1410","reference_id":"RHSA-2022:1410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1410"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2021-4091"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjvf-3mm8-xfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77774?format=json","vulnerability_id":"VCID-kbvd-dfmn-buat","summary":"389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1062.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1062.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1062","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05653","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05667","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05594","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05633","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05629","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05693","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0762","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07768","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07703","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1062"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066120","reference_id":"1066120","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066120"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261879","reference_id":"2261879","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261879"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8","reference_id":"cpe:/a:redhat:directory_server:11.7::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8","reference_id":"cpe:/a:redhat:directory_server:11.8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12","reference_id":"cpe:/a:redhat:directory_server:12","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9","reference_id":"cpe:/a:redhat:directory_server_eus:12.2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-1062","reference_id":"CVE-2024-1062","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-1062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1074","reference_id":"RHSA-2024:1074","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1372","reference_id":"RHSA-2024:1372","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3047","reference_id":"RHSA-2024:3047","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4209","reference_id":"RHSA-2024:4209","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4633","reference_id":"RHSA-2024:4633","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5690","reference_id":"RHSA-2024:5690","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7458","reference_id":"RHSA-2024:7458","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:7458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1632","reference_id":"RHSA-2025:1632","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256711","reference_id":"show_bug.cgi?id=2256711","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:08:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584395?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pqe1-ewjj-uqbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1"}],"aliases":["CVE-2024-1062"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbvd-dfmn-buat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80201?format=json","vulnerability_id":"VCID-knxk-357y-efhh","summary":"389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3652.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3652","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30099","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30007","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30022","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30002","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29958","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29885","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29771","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29999","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30095","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30056","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30566","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.3368","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33528","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982782","reference_id":"1982782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982782"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991405","reference_id":"991405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991405"},{"reference_url":"https://security.archlinux.org/ASA-202107-72","reference_id":"ASA-202107-72","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-72"},{"reference_url":"https://security.archlinux.org/AVG-2206","reference_id":"AVG-2206","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3079","reference_id":"RHSA-2021:3079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3807","reference_id":"RHSA-2021:3807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3906","reference_id":"RHSA-2021:3906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3955","reference_id":"RHSA-2021:3955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3955"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2021-3652"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knxk-357y-efhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64439?format=json","vulnerability_id":"VCID-pqe1-ewjj-uqbn","summary":"389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14905.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14905","reference_id":"","reference_type":"","scores":[{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64458","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64471","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64373","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64403","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64363","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64411","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64439","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64398","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64433","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64444","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64437","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130910","reference_id":"1130910","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130910"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2423624","reference_id":"2423624","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2423624"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8","reference_id":"cpe:/a:redhat:directory_server:11.9::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12","reference_id":"cpe:/a:redhat:directory_server:12","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:13","reference_id":"cpe:/a:redhat:directory_server:13","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:13"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:13.1::el10","reference_id":"cpe:/a:redhat:directory_server:13.1::el10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:13.1::el10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.7::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.7::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.7::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:12.2::el9","reference_id":"cpe:/a:redhat:directory_server_e4s:12.2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:12.2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.4::el9","reference_id":"cpe:/a:redhat:directory_server_eus:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.6::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0","reference_id":"cpe:/o:redhat:enterprise_linux_eus:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-14905","reference_id":"CVE-2025-14905","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-14905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3189","reference_id":"RHSA-2026:3189","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3208","reference_id":"RHSA-2026:3208","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3379","reference_id":"RHSA-2026:3379","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3504","reference_id":"RHSA-2026:3504","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4207","reference_id":"RHSA-2026:4207","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4661","reference_id":"RHSA-2026:4661","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4720","reference_id":"RHSA-2026:4720","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5196","reference_id":"RHSA-2026:5196","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5511","reference_id":"RHSA-2026:5511","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5512","reference_id":"RHSA-2026:5512","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5513","reference_id":"RHSA-2026:5513","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5514","reference_id":"RHSA-2026:5514","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5568","reference_id":"RHSA-2026:5568","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5569","reference_id":"RHSA-2026:5569","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5576","reference_id":"RHSA-2026:5576","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5597","reference_id":"RHSA-2026:5597","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5598","reference_id":"RHSA-2026:5598","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6220","reference_id":"RHSA-2026:6220","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:6220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6268","reference_id":"RHSA-2026:6268","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-23T18:49:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:6268"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1072969?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1077856?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-2"}],"aliases":["CVE-2025-14905"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqe1-ewjj-uqbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74023?format=json","vulnerability_id":"VCID-qkca-awn5-hfas","summary":"389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8445.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8445.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8445","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22715","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22891","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22725","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24466","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24351","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24395","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2437","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24331","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2432","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.245","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8445"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8445","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8445"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082852","reference_id":"1082852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310110","reference_id":"2310110","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310110"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11","reference_id":"cpe:/a:redhat:directory_server:11","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12","reference_id":"cpe:/a:redhat:directory_server:12","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-8445","reference_id":"CVE-2024-8445","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-8445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7434","reference_id":"RHSA-2024:7434","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T19:58:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:7434"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2024-8445"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkca-awn5-hfas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75507?format=json","vulnerability_id":"VCID-qv4g-5kzs-9kfa","summary":"389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3657.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3657.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3657","reference_id":"","reference_type":"","scores":[{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6801","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67951","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67996","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.68004","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6788","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6793","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67944","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67968","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67955","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6797","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3657"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274401","reference_id":"2274401","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274401"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8","reference_id":"cpe:/a:redhat:directory_server:11.7::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8","reference_id":"cpe:/a:redhat:directory_server:11.8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8","reference_id":"cpe:/a:redhat:directory_server:11.9::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9","reference_id":"cpe:/a:redhat:directory_server:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9","reference_id":"cpe:/a:redhat:directory_server_eus:12.2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-3657","reference_id":"CVE-2024-3657","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-3657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3591","reference_id":"RHSA-2024:3591","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3837","reference_id":"RHSA-2024:3837","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4092","reference_id":"RHSA-2024:4092","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4209","reference_id":"RHSA-2024:4209","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4210","reference_id":"RHSA-2024:4210","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4235","reference_id":"RHSA-2024:4235","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4633","reference_id":"RHSA-2024:4633","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5690","reference_id":"RHSA-2024:5690","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6576","reference_id":"RHSA-2024:6576","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7458","reference_id":"RHSA-2024:7458","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:7458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1632","reference_id":"RHSA-2025:1632","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-05T20:48:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2024-3657"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv4g-5kzs-9kfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75349?format=json","vulnerability_id":"VCID-rffx-mwhe-tqe5","summary":"389-ds-base: Malformed userPassword hash may cause Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5953.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5953","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21382","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21234","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21232","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21542","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21601","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21357","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21468","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21413","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21407","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21414","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5953"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292104","reference_id":"2292104","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292104"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8","reference_id":"cpe:/a:redhat:directory_server:11.7::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.7::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8","reference_id":"cpe:/a:redhat:directory_server:11.9::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:11.9::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9","reference_id":"cpe:/a:redhat:directory_server:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_id":"cpe:/a:redhat:directory_server_e4s:11.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_e4s:11.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9","reference_id":"cpe:/a:redhat:directory_server_eus:12.2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-5953","reference_id":"CVE-2024-5953","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-5953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4633","reference_id":"RHSA-2024:4633","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4997","reference_id":"RHSA-2024:4997","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5192","reference_id":"RHSA-2024:5192","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5690","reference_id":"RHSA-2024:5690","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6153","reference_id":"RHSA-2024:6153","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6568","reference_id":"RHSA-2024:6568","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6569","reference_id":"RHSA-2024:6569","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6576","reference_id":"RHSA-2024:6576","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7458","reference_id":"RHSA-2024:7458","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:7458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1632","reference_id":"RHSA-2025:1632","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T13:32:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2024-5953"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rffx-mwhe-tqe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79162?format=json","vulnerability_id":"VCID-vx15-pahy-ufbn","summary":"389-ds-base: SIGSEGV in sync_repl","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2850.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2850.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2850","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56654","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56653","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56652","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56625","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56561","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56579","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56659","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56668","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56643","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57776","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2850"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018054","reference_id":"1018054","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018054"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118691","reference_id":"2118691","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:06:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118691"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-2850","reference_id":"CVE-2022-2850","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:06:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-2850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7087","reference_id":"RHSA-2022:7087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7133","reference_id":"RHSA-2022:7133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8162","reference_id":"RHSA-2022:8162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8680","reference_id":"RHSA-2022:8680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8886","reference_id":"RHSA-2022:8886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8976","reference_id":"RHSA-2022:8976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0479","reference_id":"RHSA-2023:0479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0479"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2022-2850"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx15-pahy-ufbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79569?format=json","vulnerability_id":"VCID-x8k9-na1n-8fgj","summary":"389-ds-base: expired password was still allowed to access the database","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0996.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0996.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0996","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34604","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34819","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34846","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34722","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34765","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34794","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34798","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.3476","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34735","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34754","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.3869","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40573","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40657","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0996"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0996","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0996"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064769","reference_id":"2064769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5239","reference_id":"RHSA-2022:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5620","reference_id":"RHSA-2022:5620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5823","reference_id":"RHSA-2022:5823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8162","reference_id":"RHSA-2022:8162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8976","reference_id":"RHSA-2022:8976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583112?format=json","purl":"pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1"}],"aliases":["CVE-2022-0996"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8k9-na1n-8fgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70777?format=json","vulnerability_id":"VCID-xs3r-chc9-27dr","summary":"389-ds-base: null pointer dereference leads to denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2487.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2487.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2487","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2394","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2398","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68181","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68163","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68206","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68111","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68087","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68154","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68178","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68165","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68169","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2487"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100994","reference_id":"1100994","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100994"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2353071","reference_id":"2353071","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2353071"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12","reference_id":"cpe:/a:redhat:directory_server:12","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server:12"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.4::el9","reference_id":"cpe:/a:redhat:directory_server_eus:12.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:directory_server_eus:12.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-2487","reference_id":"CVE-2025-2487","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-2487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3663","reference_id":"RHSA-2025:3663","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3670","reference_id":"RHSA-2025:3670","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4491","reference_id":"RHSA-2025:4491","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7395","reference_id":"RHSA-2025:7395","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T17:48:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584395?format=json","purl":"pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pqe1-ewjj-uqbn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1"}],"aliases":["CVE-2025-2487"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xs3r-chc9-27dr"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82979?format=json","vulnerability_id":"VCID-3paj-fqdp-yyg3","summary":"389-ds-base: using dscreate in verbose mode results in information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10224","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16239","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16423","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16368","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16304","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16263","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16299","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1628","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16365","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16407","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18993","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34998","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10224"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10224"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"},{"reference_url":"https://pagure.io/389-ds-base/issue/50251","reference_id":"","reference_type":"","scores":[],"url":"https://pagure.io/389-ds-base/issue/50251"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677147","reference_id":"1677147","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677147"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10224","reference_id":"CVE-2019-10224","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3401","reference_id":"RHSA-2019:3401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3401"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tdy-umt6-4ubr"},{"vulnerability":"VCID-63rm-mq1r-5fbz"},{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-77rw-db6h-hya9"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-hjvf-3mm8-xfhq"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-knxk-357y-efhh"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-qkca-awn5-hfas"},{"vulnerability":"VCID-qv4g-5kzs-9kfa"},{"vulnerability":"VCID-rffx-mwhe-tqe5"},{"vulnerability":"VCID-vx15-pahy-ufbn"},{"vulnerability":"VCID-x8k9-na1n-8fgj"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}],"aliases":["CVE-2019-10224"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3paj-fqdp-yyg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80468?format=json","vulnerability_id":"VCID-4tn2-her5-6fe1","summary":"389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3514.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3514.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3514","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56838","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56991","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56977","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56951","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56932","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56954","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.5693","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56981","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56984","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5762","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57639","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0037","scoring_system":"epss","scoring_elements":"0.58874","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3514"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952907","reference_id":"1952907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988727","reference_id":"988727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988727"},{"reference_url":"https://security.archlinux.org/ASA-202107-72","reference_id":"ASA-202107-72","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-72"},{"reference_url":"https://security.archlinux.org/AVG-2206","reference_id":"AVG-2206","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2595","reference_id":"RHSA-2021:2595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2796","reference_id":"RHSA-2021:2796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3955","reference_id":"RHSA-2021:3955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0952","reference_id":"RHSA-2022:0952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0952"},{"reference_url":"https://usn.ubuntu.com/USN-5231-1/","reference_id":"USN-USN-5231-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5231-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tdy-umt6-4ubr"},{"vulnerability":"VCID-63rm-mq1r-5fbz"},{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-77rw-db6h-hya9"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-hjvf-3mm8-xfhq"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-knxk-357y-efhh"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-qkca-awn5-hfas"},{"vulnerability":"VCID-qv4g-5kzs-9kfa"},{"vulnerability":"VCID-rffx-mwhe-tqe5"},{"vulnerability":"VCID-vx15-pahy-ufbn"},{"vulnerability":"VCID-x8k9-na1n-8fgj"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}],"aliases":["CVE-2021-3514"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4tn2-her5-6fe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80736?format=json","vulnerability_id":"VCID-pexr-smr8-gbhh","summary":"389-ds-base: information disclosure during the binding of a DN","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35518.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35518","reference_id":"","reference_type":"","scores":[{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74018","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74148","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.7414","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74149","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74024","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.7405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74021","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74055","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.7407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74091","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74066","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74105","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74114","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35518"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905565","reference_id":"1905565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905565"},{"reference_url":"https://security.archlinux.org/AVG-1482","reference_id":"AVG-1482","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0599","reference_id":"RHSA-2021:0599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1086","reference_id":"RHSA-2021:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1243","reference_id":"RHSA-2021:1243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1258","reference_id":"RHSA-2021:1258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2323","reference_id":"RHSA-2021:2323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2323"},{"reference_url":"https://usn.ubuntu.com/USN-5231-1/","reference_id":"USN-USN-5231-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5231-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tdy-umt6-4ubr"},{"vulnerability":"VCID-63rm-mq1r-5fbz"},{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-77rw-db6h-hya9"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-hjvf-3mm8-xfhq"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-knxk-357y-efhh"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-qkca-awn5-hfas"},{"vulnerability":"VCID-qv4g-5kzs-9kfa"},{"vulnerability":"VCID-rffx-mwhe-tqe5"},{"vulnerability":"VCID-vx15-pahy-ufbn"},{"vulnerability":"VCID-x8k9-na1n-8fgj"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}],"aliases":["CVE-2020-35518"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pexr-smr8-gbhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82646?format=json","vulnerability_id":"VCID-wcyy-45hw-2fc6","summary":"389-ds-base: DoS via hanging secured connections","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3883.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3883","reference_id":"","reference_type":"","scores":[{"value":"0.0078","scoring_system":"epss","scoring_elements":"0.73773","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74016","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73964","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74052","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74061","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74053","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.7402","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00874","scoring_system":"epss","scoring_elements":"0.75345","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3883"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"},{"reference_url":"https://pagure.io/389-ds-base/issue/50329","reference_id":"","reference_type":"","scores":[],"url":"https://pagure.io/389-ds-base/issue/50329"},{"reference_url":"https://pagure.io/389-ds-base/pull-request/50331","reference_id":"","reference_type":"","scores":[],"url":"https://pagure.io/389-ds-base/pull-request/50331"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1693612","reference_id":"1693612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1693612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927939","reference_id":"927939","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927939"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3883","reference_id":"CVE-2019-3883","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1896","reference_id":"RHSA-2019:1896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3401","reference_id":"RHSA-2019:3401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3401"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tdy-umt6-4ubr"},{"vulnerability":"VCID-63rm-mq1r-5fbz"},{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-77rw-db6h-hya9"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-hjvf-3mm8-xfhq"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-knxk-357y-efhh"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-qkca-awn5-hfas"},{"vulnerability":"VCID-qv4g-5kzs-9kfa"},{"vulnerability":"VCID-rffx-mwhe-tqe5"},{"vulnerability":"VCID-vx15-pahy-ufbn"},{"vulnerability":"VCID-x8k9-na1n-8fgj"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}],"aliases":["CVE-2019-3883"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcyy-45hw-2fc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81881?format=json","vulnerability_id":"VCID-z7kp-3dwk-wkgr","summary":"389-ds-base: Read permission check bypass via the deref plugin","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14824.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14824","reference_id":"","reference_type":"","scores":[{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41245","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41353","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41342","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41371","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41269","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41294","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41373","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60812","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61796","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14824"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14824"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1747448","reference_id":"1747448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1747448"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944150","reference_id":"944150","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944150"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:389_directory_server:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14824","reference_id":"CVE-2019-14824","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3401","reference_id":"RHSA-2019:3401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3981","reference_id":"RHSA-2019:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0464","reference_id":"RHSA-2020:0464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583111?format=json","purl":"pkg:deb/debian/389-ds-base@1.4.4.11-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4tdy-umt6-4ubr"},{"vulnerability":"VCID-63rm-mq1r-5fbz"},{"vulnerability":"VCID-6f2q-qatg-kucr"},{"vulnerability":"VCID-77rw-db6h-hya9"},{"vulnerability":"VCID-bpw5-xeju-93f3"},{"vulnerability":"VCID-hjvf-3mm8-xfhq"},{"vulnerability":"VCID-kbvd-dfmn-buat"},{"vulnerability":"VCID-knxk-357y-efhh"},{"vulnerability":"VCID-pqe1-ewjj-uqbn"},{"vulnerability":"VCID-qkca-awn5-hfas"},{"vulnerability":"VCID-qv4g-5kzs-9kfa"},{"vulnerability":"VCID-rffx-mwhe-tqe5"},{"vulnerability":"VCID-vx15-pahy-ufbn"},{"vulnerability":"VCID-x8k9-na1n-8fgj"},{"vulnerability":"VCID-xs3r-chc9-27dr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}],"aliases":["CVE-2019-14824"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7kp-3dwk-wkgr"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2"}