{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","type":"deb","namespace":"debian","name":"ceph","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.80.10-1","latest_non_vulnerable_version":"18.2.8+ds-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83902?format=json","vulnerability_id":"VCID-cqkj-bda2-2fb2","summary":"ceph: Failed assertion through user input in ceph_assert() function in rgw_iam_policy.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16818.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16818.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16818","reference_id":"","reference_type":"","scores":[{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69023","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69306","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69238","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6923","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6928","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69292","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69039","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.6904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69089","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69132","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69117","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69087","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69127","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69137","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69116","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69165","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69173","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69182","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69163","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69206","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16818"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ceph/ceph/commit/b3118cabb8060a8cc6a01c4e8264cb18e7b1745a"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6VJA32U7HKGDRJQDJVM7JBYWD4T7BJL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6VJA32U7HKGDRJQDJVM7JBYWD4T7BJL/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515872","reference_id":"1515872","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1515872"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16818","reference_id":"CVE-2017-16818","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16818"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2017-16818"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqkj-bda2-2fb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83666?format=json","vulnerability_id":"VCID-dqnx-pbyr-43at","summary":"ceph: Unauthenticated malformed HTTP requests handled by rgw_civetweb.cc:RGW::init_env() can lead to denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7262.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7262","reference_id":"","reference_type":"","scores":[{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81281","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.8129","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81311","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81339","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81345","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81381","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81383","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81413","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81417","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81433","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81453","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81474","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.8147","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81488","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81527","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81531","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01536","scoring_system":"epss","scoring_elements":"0.81534","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1546610","reference_id":"1546610","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1546610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0546","reference_id":"RHSA-2018:0546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0548","reference_id":"RHSA-2018:0548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0548"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7262"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqnx-pbyr-43at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82785?format=json","vulnerability_id":"VCID-grz8-4a4n-1fap","summary":"ceph: radosgw: Resource exhaustion via TCP connection to port serving the SSL endpoint","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3821.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3821","reference_id":"","reference_type":"","scores":[{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73252","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73237","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73244","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75456","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.7564","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75657","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75459","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.7549","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.7547","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75541","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.7552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75553","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75545","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75583","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75588","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75592","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75603","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75633","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00889","scoring_system":"epss","scoring_elements":"0.75659","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3821"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ceph/civetweb/pull/33","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ceph/civetweb/pull/33"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656852","reference_id":"1656852","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656852"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ceph:civetweb:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ceph:civetweb:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ceph:civetweb:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3821","reference_id":"CVE-2019-3821","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3821"},{"reference_url":"https://usn.ubuntu.com/4035-1/","reference_id":"USN-4035-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4035-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2019-3821"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-grz8-4a4n-1fap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78891?format=json","vulnerability_id":"VCID-mqt6-kw7g-xff7","summary":"ceph: possible DoS issue in ceph URL processing on RGW backends","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3854.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3854.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3854","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23367","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23255","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23043","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23032","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22925","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2301","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23085","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2305","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23195","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23269","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2334","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23245","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23261","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23236","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.2572","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25643","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54009","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54012","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3854"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027151","reference_id":"1027151","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027151"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139925","reference_id":"2139925","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T18:53:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139925"},{"reference_url":"https://usn.ubuntu.com/6063-1/","reference_id":"USN-6063-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6063-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586970?format=json","purl":"pkg:deb/debian/ceph@16.2.10%2Bds-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.10%252Bds-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3854"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt6-kw7g-xff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81717?format=json","vulnerability_id":"VCID-p6nr-dpnz-u3gs","summary":"ceph: denial of service in RGW daemon","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19337.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19337.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19337","reference_id":"","reference_type":"","scores":[{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61365","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61291","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61253","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.6128","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61337","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61352","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66954","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66922","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66955","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.6697","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66952","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66974","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66987","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66985","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66957","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.67","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66849","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66968","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66913","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66934","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19337"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781170","reference_id":"1781170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4353","reference_id":"RHSA-2019:4353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4357","reference_id":"RHSA-2019:4357","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4357"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2019-19337"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p6nr-dpnz-u3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81277?format=json","vulnerability_id":"VCID-vkxb-yabn-wyhu","summary":"ceph: authorization bypass in monitor and manager daemons","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10736.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10736","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20994","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20997","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21058","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2103","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20979","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20967","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20945","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20815","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20779","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20682","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20756","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20844","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20818","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20839","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2093","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2094","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20941","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10736"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833025","reference_id":"1833025","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833025"},{"reference_url":"https://usn.ubuntu.com/4706-1/","reference_id":"USN-4706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4706-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2020-10736"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkxb-yabn-wyhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72645?format=json","vulnerability_id":"VCID-www5-5x6q-xyeu","summary":"ceph: rhceph-container: Authentication bypass in CEPH RadosGW","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-48916.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-48916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48916","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10652","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10643","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10714","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11474","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11472","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11555","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1325","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13264","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13077","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13157","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13148","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13177","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13116","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13018","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14459","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-48916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088993","reference_id":"1088993","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088993"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2329846","reference_id":"2329846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2329846"},{"reference_url":"https://github.com/ceph/ceph/security/advisories/GHSA-5g9m-mmp6-93mq","reference_id":"GHSA-5g9m-mmp6-93mq","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T19:54:31Z/"}],"url":"https://github.com/ceph/ceph/security/advisories/GHSA-5g9m-mmp6-93mq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10956","reference_id":"RHSA-2024:10956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10957","reference_id":"RHSA-2024:10957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4238","reference_id":"RHSA-2025:4238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4664","reference_id":"RHSA-2025:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4664"},{"reference_url":"https://usn.ubuntu.com/7182-1/","reference_id":"USN-7182-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7182-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583480?format=json","purl":"pkg:deb/debian/ceph@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582215?format=json","purl":"pkg:deb/debian/ceph@14.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@14.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582216?format=json","purl":"pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"},{"vulnerability":"VCID-r1ah-c6z7-vyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585655?format=json","purl":"pkg:deb/debian/ceph@18.2.4%2Bds-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.4%252Bds-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582217?format=json","purl":"pkg:deb/debian/ceph@18.2.7%2Bds-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18bk-met9-qfc9"},{"vulnerability":"VCID-1yz5-m9s7-nqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582218?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102900?format=json","purl":"pkg:deb/debian/ceph@18.2.8%2Bds-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-2%3Fdistro=trixie"}],"aliases":["CVE-2024-48916"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-www5-5x6q-xyeu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@0%3Fdistro=trixie"}