Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/72094?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "type": "ebuild", "namespace": "net-libs", "name": "mbedtls", "version": "2.28.1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.28.7", "latest_non_vulnerable_version": "2.28.7", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32145?format=api", "vulnerability_id": "VCID-5e8e-tdjb-f7c4", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69161", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69198", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69179", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69229", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.6927", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69256", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69227", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69266", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69274", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69254", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69305", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69313", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.6932", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69298", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.6934", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00592", "scoring_system": "epss", "scoring_elements": "0.69375", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36425" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36425" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36425" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e8e-tdjb-f7c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32152?format=api", "vulnerability_id": "VCID-5x2e-paq2-nyf9", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76067", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.7614", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76116", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76113", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76154", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.7618", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.7619", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76202", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00931", "scoring_system": "epss", "scoring_elements": "0.76212", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00978", "scoring_system": "epss", "scoring_elements": "0.76841", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00978", "scoring_system": "epss", "scoring_elements": "0.76858", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44732" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002631", "reference_id": "1002631", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002631" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" }, { "reference_url": "https://usn.ubuntu.com/8123-1/", "reference_id": "USN-8123-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8123-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2021-44732" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5x2e-paq2-nyf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32141?format=api", "vulnerability_id": "VCID-71u1-k3yx-pfgx", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66778", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66614", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66679", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66647", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66682", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66696", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66681", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66705", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66719", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66693", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66737", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66574", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6664", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66659", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66692", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36421" }, { "reference_url": "https://github.com/ARMmbed/mbedtls/issues/3394", "reference_id": "3394", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:11:06Z/" } ], "url": "https://github.com/ARMmbed/mbedtls/issues/3394" }, { "reference_url": "https://bugs.gentoo.org/730752", "reference_id": "730752", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:11:06Z/" } ], "url": "https://bugs.gentoo.org/730752" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" }, { "reference_url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7", "reference_id": "v2.16.7", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:11:06Z/" } ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7" }, { "reference_url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0", "reference_id": "v2.23.0", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:11:06Z/" } ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36421" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71u1-k3yx-pfgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32144?format=api", "vulnerability_id": "VCID-987j-wtrr-7beu", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36424", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32626", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32797", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32691", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32655", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32642", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32612", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32457", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32342", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32258", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32117", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32181", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.3219", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36424" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36424", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36424" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36424" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-987j-wtrr-7beu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32153?format=api", "vulnerability_id": "VCID-ct4s-c1rd-suhj", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19084", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.18968", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21053", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21141", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2181", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21877", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21787", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21752", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21605", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21599", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21967", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21733", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45450" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2021-45450" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct4s-c1rd-suhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32140?format=api", "vulnerability_id": "VCID-ewrv-m6gm-y7hc", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22867", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2287", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22976", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22875", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23115", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22954", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23107", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2307", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22904", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22898", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22895", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22792", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16150" }, { "reference_url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806", "reference_id": "972806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972806" }, { "reference_url": "https://security.archlinux.org/ASA-202101-7", "reference_id": "ASA-202101-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-7" }, { "reference_url": "https://security.archlinux.org/AVG-1386", "reference_id": "AVG-1386", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1386" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16150", "reference_id": "CVE-2020-16150", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16150" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-16150" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewrv-m6gm-y7hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32142?format=api", "vulnerability_id": "VCID-jcnd-yb5z-p7d3", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.5662", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56716", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56737", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56715", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.5678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56764", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56738", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56677", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56693", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56631", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56678", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.5674", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36422" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36422" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcnd-yb5z-p7d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32154?format=api", "vulnerability_id": "VCID-k8w1-nrjy-wfbe", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82031", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82058", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82101", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82103", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82126", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82138", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82141", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82158", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.8218", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01661", "scoring_system": "epss", "scoring_elements": "0.82203", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35409" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2022-35409" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8w1-nrjy-wfbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32147?format=api", "vulnerability_id": "VCID-rqxq-rqxu-4fes", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.7669", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76694", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76723", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76705", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76737", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76748", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76776", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76789", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76785", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76816", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76824", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76836", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76825", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76856", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76873", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36475" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36475" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqxq-rqxu-4fes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32148?format=api", "vulnerability_id": "VCID-s1qx-e7uw-c3eq", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71525", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71522", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71562", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71573", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.7158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71606", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71611", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71642", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71646", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71651", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71636", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71671", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71704", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36476" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36476" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1qx-e7uw-c3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32143?format=api", "vulnerability_id": "VCID-svsq-har4-dyen", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36423", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60737", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60761", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60748", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60673", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71262", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71246", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71283", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71118", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71318", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71213", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.7122", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71198", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71252", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00663", "scoring_system": "epss", "scoring_elements": "0.71259", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36423" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36423" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36423" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svsq-har4-dyen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32149?format=api", "vulnerability_id": "VCID-wpu6-c26t-4ufn", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32958", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32779", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32827", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32819", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32794", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32814", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32628", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32512", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3243", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32295", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32359", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32369", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36477" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36477" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpu6-c26t-4ufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32151?format=api", "vulnerability_id": "VCID-x5we-9dmz-p7bh", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72438", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72263", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.7239", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72382", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72411", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72257", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72259", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.7231", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72316", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72345", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72354", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72342", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72394", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43666" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43666", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43666" }, { "reference_url": "https://github.com/ARMmbed/mbedtls/issues/5136", "reference_id": "5136", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:50:55Z/" } ], "url": "https://github.com/ARMmbed/mbedtls/issues/5136" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2021-43666" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5we-9dmz-p7bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32150?format=api", "vulnerability_id": "VCID-x682-agtt-myf1", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66677", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66717", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66743", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66764", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.6678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66757", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66791", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66805", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66788", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66813", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66826", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66823", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66795", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66838", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66879", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36478" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36478" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x682-agtt-myf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32146?format=api", "vulnerability_id": "VCID-zyge-82z3-33eq", "summary": "Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77544", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77494", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77521", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77381", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77362", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77392", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77427", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77407", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77404", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77442", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77468", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77475", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01037", "scoring_system": "epss", "scoring_elements": "0.77487", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.7741", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36426" }, { "reference_url": "https://security.gentoo.org/glsa/202301-08", "reference_id": "GLSA-202301-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202301-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/72094?format=api", "purl": "pkg:ebuild/net-libs/mbedtls@2.28.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" } ], "aliases": [ "CVE-2020-36426" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyge-82z3-33eq" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/mbedtls@2.28.1" }