{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","type":"ebuild","namespace":"app-emulation","name":"qemu","version":"7.0.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.0.0","latest_non_vulnerable_version":"8.0.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35413?format=json","vulnerability_id":"VCID-186h-76t5-3fdd","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3947.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3947","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19129","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19315","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18978","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19058","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19117","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18974","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18986","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18992","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18884","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18866","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18824","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18786","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1889","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18852","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18889","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021869","reference_id":"2021869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021869"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3947"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-186h-76t5-3fdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35420?format=json","vulnerability_id":"VCID-29bt-r6ya-jfhu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20263","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32842","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33005","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32828","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32875","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3287","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32844","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32886","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32864","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32564","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32479","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32339","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32403","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32413","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32319","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32341","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933668","reference_id":"1933668","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933668"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083","reference_id":"985083","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-20263"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29bt-r6ya-jfhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35416?format=json","vulnerability_id":"VCID-4unz-8jyy-qfdc","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4206","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.37027","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36855","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36835","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36758","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3664","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36523","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36594","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3662","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36537","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3656","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37071","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3702","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37066","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036998","reference_id":"2036998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036998"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-4206"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4unz-8jyy-qfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35385?format=json","vulnerability_id":"VCID-6qnt-yaa3-p3bb","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35506","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08517","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08545","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08516","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08609","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08575","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08464","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08451","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08601","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08614","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08567","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08509","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08652","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08736","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08702","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08727","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909996","reference_id":"1909996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909996"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454","reference_id":"984454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-35506"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qnt-yaa3-p3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35391?format=json","vulnerability_id":"VCID-7w6v-ewcn-kkdz","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3416","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00333","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00338","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00336","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00328","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00325","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00326","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00322","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00342","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00337","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00341","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00335","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00329","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3416"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932827","reference_id":"1932827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448","reference_id":"984448","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3061","reference_id":"RHSA-2021:3061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3703","reference_id":"RHSA-2021:3703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3703"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3416"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7w6v-ewcn-kkdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35394?format=json","vulnerability_id":"VCID-ap2r-g7ew-kqed","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3544","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.093","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09263","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09339","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09388","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09399","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09355","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09248","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0945","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09368","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0928","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09445","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09518","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09499","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0953","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958935","reference_id":"1958935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3544"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ap2r-g7ew-kqed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35392?format=json","vulnerability_id":"VCID-bcps-uatt-wkd7","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3527","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0797","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07976","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08054","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08019","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08002","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07915","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07897","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08058","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08013","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07979","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07921","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08057","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08124","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08107","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08131","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955695","reference_id":"1955695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955695"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157","reference_id":"988157","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3527"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcps-uatt-wkd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35405?format=json","vulnerability_id":"VCID-br4x-bpvj-puhr","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3608","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11263","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11174","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11015","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1105","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10986","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10924","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11061","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11133","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11101","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11143","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973383","reference_id":"1973383","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973383"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563","reference_id":"990563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3608"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br4x-bpvj-puhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35411?format=json","vulnerability_id":"VCID-cenj-mz55-jbg6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3929","reference_id":"","reference_type":"","scores":[{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89536","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.8954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89553","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89554","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89576","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.8959","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89591","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89587","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89602","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89607","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89615","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89633","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89646","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89642","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89651","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020298","reference_id":"2020298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020298"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3929"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cenj-mz55-jbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35407?format=json","vulnerability_id":"VCID-eb18-wa2w-q7bn","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3682","reference_id":"","reference_type":"","scores":[{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61708","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61813","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61831","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61837","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.6188","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61885","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61869","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61875","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63925","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63839","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63883","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63931","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63899","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1989651","reference_id":"1989651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1989651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911","reference_id":"991911","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3703","reference_id":"RHSA-2021:3703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3704","reference_id":"RHSA-2021:3704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3704"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3682"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb18-wa2w-q7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35402?format=json","vulnerability_id":"VCID-een8-8kc5-qfcx","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3546","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13431","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13496","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1329","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13373","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13423","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13395","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1336","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13218","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13217","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13297","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13304","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13078","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13232","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13314","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13309","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13339","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958978","reference_id":"1958978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958978"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3546"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-een8-8kc5-qfcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35414?format=json","vulnerability_id":"VCID-g4az-63th-yyhk","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4145.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4145","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18066","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18228","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1828","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17982","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18067","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18128","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18135","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18091","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17985","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17996","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17888","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1773","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17825","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17927","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18361","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18523","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18419","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18402","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034602","reference_id":"2034602","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034602"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1759","reference_id":"RHSA-2022:1759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1759"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-4145"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4az-63th-yyhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35383?format=json","vulnerability_id":"VCID-gc6n-kgsc-f3b6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35505","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30082","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30123","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30131","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30061","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30586","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30645","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30678","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30638","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30592","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30618","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30601","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30566","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30388","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30273","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30194","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30052","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31525","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31388","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909769","reference_id":"1909769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455","reference_id":"984455","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-35505"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6n-kgsc-f3b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35404?format=json","vulnerability_id":"VCID-hrhp-htnd-7bbx","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38532","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38667","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38691","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38654","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38628","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38675","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38653","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38575","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38391","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38299","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38184","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38253","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38262","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38174","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38198","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973349","reference_id":"1973349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973349"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564","reference_id":"990564","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3607"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrhp-htnd-7bbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35423?format=json","vulnerability_id":"VCID-j1gy-ttz5-1yct","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26353","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46935","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46877","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46941","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4696","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46904","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47095","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47076","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47021","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47052","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47071","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47019","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063197","reference_id":"2063197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063197"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5263","reference_id":"RHSA-2022:5263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2022-26353"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1gy-ttz5-1yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35419?format=json","vulnerability_id":"VCID-j6hs-wm45-s3ej","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20257","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22726","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.229","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22737","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22806","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.228","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22598","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2259","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22585","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2245","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22533","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22612","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22578","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22593","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930087","reference_id":"1930087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930087"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450","reference_id":"984450","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5238","reference_id":"RHSA-2021:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0081","reference_id":"RHSA-2022:0081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0081"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-20257"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6hs-wm45-s3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35403?format=json","vulnerability_id":"VCID-nb4k-f7rm-kuhg","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3582","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37003","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37176","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37204","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3702","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36789","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36757","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3667","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36552","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36622","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36648","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36567","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36591","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966266","reference_id":"1966266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966266"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565","reference_id":"990565","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3582"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nb4k-f7rm-kuhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35397?format=json","vulnerability_id":"VCID-q38v-9gvs-sydf","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3545","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30464","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30272","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30331","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30366","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30368","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30324","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30273","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30229","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30164","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30049","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29974","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29839","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.2991","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.2992","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29849","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.2987","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958955","reference_id":"1958955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958955"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3545"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q38v-9gvs-sydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35382?format=json","vulnerability_id":"VCID-qh2s-apkz-sbaz","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35504","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26634","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26588","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31469","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3143","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31394","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31427","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31209","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31085","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31006","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30854","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30927","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30842","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30866","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31568","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31385","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909766","reference_id":"1909766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679","reference_id":"979679","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-35504"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qh2s-apkz-sbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35412?format=json","vulnerability_id":"VCID-qn73-3gkb-rkbm","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3930","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17001","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17224","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16955","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17032","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16971","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16908","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1691","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16851","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16789","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16658","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16776","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16883","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16848","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16884","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020588","reference_id":"2020588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020588"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5065","reference_id":"RHSA-2021:5065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5238","reference_id":"RHSA-2021:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0081","reference_id":"RHSA-2022:0081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0081"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3930"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn73-3gkb-rkbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35409?format=json","vulnerability_id":"VCID-r47h-wdgy-7bga","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3748","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10319","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10505","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10365","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10503","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10533","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10345","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10432","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10421","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10308","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10454","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10482","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10523","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1998514","reference_id":"1998514","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1998514"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401","reference_id":"993401","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4112","reference_id":"RHSA-2021:4112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5036","reference_id":"RHSA-2021:5036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1759","reference_id":"RHSA-2022:1759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1759"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3748"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r47h-wdgy-7bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35375?format=json","vulnerability_id":"VCID-t44w-g1ys-47e6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15859","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09537","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09552","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30654","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30538","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30453","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30313","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30385","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32436","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32562","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32385","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32461","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32465","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.324","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32414","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33675","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33585","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33608","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859168","reference_id":"1859168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859168"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978","reference_id":"965978","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-15859"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t44w-g1ys-47e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35406?format=json","vulnerability_id":"VCID-t5gq-4bhn-gkej","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3611","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07094","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07214","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07238","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07293","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07223","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08432","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08185","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08348","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08322","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08283","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08221","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08358","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08427","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08404","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3611"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973784","reference_id":"1973784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973784"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562","reference_id":"990562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3611"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5gq-4bhn-gkej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35387?format=json","vulnerability_id":"VCID-tyv8-tzu8-23fj","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35517","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24402","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24528","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24563","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24346","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24459","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2443","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24373","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24388","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24349","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24225","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24172","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24054","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24136","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24201","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24148","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24166","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915823","reference_id":"1915823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814","reference_id":"980814","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0711","reference_id":"RHSA-2021:0711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0743","reference_id":"RHSA-2021:0743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0743"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-35517"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyv8-tzu8-23fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35415?format=json","vulnerability_id":"VCID-ueu8-w641-duh3","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4158.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4158","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06471","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06535","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06571","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06556","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06607","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0665","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06634","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06626","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06554","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06545","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06699","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06709","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06701","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06728","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0686","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06924","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06927","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06948","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035002","reference_id":"2035002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035002"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1759","reference_id":"RHSA-2022:1759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-4158"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueu8-w641-duh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35425?format=json","vulnerability_id":"VCID-vpu8-k8me-tfe6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26354","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01466","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01494","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01502","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01475","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01469","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01401","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01395","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01396","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01386","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04303","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04324","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04365","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063257","reference_id":"2063257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063257"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5263","reference_id":"RHSA-2022:5263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2022-26354"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpu8-k8me-tfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35418?format=json","vulnerability_id":"VCID-vrwy-exwv-vyhr","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20203","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08771","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08773","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08801","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08768","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08641","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08784","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08797","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08753","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08756","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08683","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08835","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08909","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08871","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.089","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922441","reference_id":"1922441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452","reference_id":"984452","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-20203"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrwy-exwv-vyhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35390?format=json","vulnerability_id":"VCID-vvaj-skpn-u3ar","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3409","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16727","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40593","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40573","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4059","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40512","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4041","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40397","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40176","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40244","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40261","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40164","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40188","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40552","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928146","reference_id":"1928146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795","reference_id":"986795","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3409"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vvaj-skpn-u3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35410?format=json","vulnerability_id":"VCID-w7gc-1eh2-3ufu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3750","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08687","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0854","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08535","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08476","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0862","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08696","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08663","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08579","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08573","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08413","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08586","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08752","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08723","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999073","reference_id":"1999073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999073"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6980","reference_id":"RHSA-2023:6980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0404","reference_id":"RHSA-2024:0404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0569","reference_id":"RHSA-2024:0569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0569"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3750"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7gc-1eh2-3ufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35376?format=json","vulnerability_id":"VCID-wdjx-9f36-abgu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15863","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13872","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13955","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13905","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1382","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30635","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31177","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31127","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30845","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30761","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30682","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30692","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853725","reference_id":"1853725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853725"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-15863"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdjx-9f36-abgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35381?format=json","vulnerability_id":"VCID-wjxf-kgdw-2kau","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16092","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11559","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11728","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1166","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11672","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11608","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1147","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11472","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11598","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11551","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11512","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1144","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11367","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11502","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11552","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11522","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11561","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860283","reference_id":"1860283","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860283"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5111","reference_id":"RHSA-2020:5111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0346","reference_id":"RHSA-2021:0346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0347","reference_id":"RHSA-2021:0347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0459","reference_id":"RHSA-2021:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0934","reference_id":"RHSA-2021:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2020-16092"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjxf-kgdw-2kau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35408?format=json","vulnerability_id":"VCID-ycrs-vy13-wbff","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3713","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09598","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09741","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09753","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09721","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09595","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09677","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09591","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09756","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09824","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09796","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09832","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1994640","reference_id":"1994640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1994640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727","reference_id":"992727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-3713"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycrs-vy13-wbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35417?format=json","vulnerability_id":"VCID-yt3z-g3w7-xfa5","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4207","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15388","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15438","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.154","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15295","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15211","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15216","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15307","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16001","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15813","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16034","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15924","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16025","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036966","reference_id":"2036966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036966"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2021-4207"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt3z-g3w7-xfa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35422?format=json","vulnerability_id":"VCID-zf4c-x45c-tudm","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0358","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10785","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10984","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1081","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1094","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10762","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10883","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10742","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10686","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1082","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10892","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10876","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10922","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2044863","reference_id":"2044863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2044863"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0759","reference_id":"RHSA-2022:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0886","reference_id":"RHSA-2022:0886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0949","reference_id":"RHSA-2022:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0971","reference_id":"RHSA-2022:0971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0973","reference_id":"RHSA-2022:0973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0973"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74097?format=json","purl":"pkg:ebuild/app-emulation/qemu@7.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}],"aliases":["CVE-2022-0358"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zf4c-x45c-tudm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@7.0.0"}