{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","type":"ebuild","namespace":"dev-lang","name":"python","version":"3.8.15_p3","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.8.19","latest_non_vulnerable_version":"3.14.0_beta2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38870?format=json","vulnerability_id":"VCID-4gsg-5e6s-63g4","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28861.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28861","reference_id":"","reference_type":"","scores":[{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80333","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.8034","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80349","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80385","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80392","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80407","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80388","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80378","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.8036","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80578","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80537","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.8052","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80525","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80506","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80483","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80468","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80451","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80445","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80419","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80415","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01395","scoring_system":"epss","scoring_elements":"0.80414","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120642","reference_id":"2120642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120642"},{"reference_url":"https://github.com/python/cpython/pull/24848","reference_id":"24848","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://github.com/python/cpython/pull/24848"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/","reference_id":"2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/","reference_id":"5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/","reference_id":"5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/"},{"reference_url":"https://github.com/python/cpython/pull/93879","reference_id":"93879","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://github.com/python/cpython/pull/93879"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/","reference_id":"DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/","reference_id":"HPX4XHT2FGVQYLY2STT2MRVENILNZTTU","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/","reference_id":"I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/","reference_id":"IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/"},{"reference_url":"https://bugs.python.org/issue43223","reference_id":"issue43223","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://bugs.python.org/issue43223"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/","reference_id":"KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/","reference_id":"OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/","reference_id":"QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6766","reference_id":"RHSA-2022:6766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8353","reference_id":"RHSA-2022:8353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0833","reference_id":"RHSA-2023:0833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2763","reference_id":"RHSA-2023:2763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2764","reference_id":"RHSA-2023:2764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2764"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/","reference_id":"S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/","reference_id":"TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/"},{"reference_url":"https://usn.ubuntu.com/5629-1/","reference_id":"USN-5629-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5629-1/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/","reference_id":"WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/","reference_id":"X46T4EFTIBXZRYTGASBDEZGYJINH2OWV","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2021-28861"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gsg-5e6s-63g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38942?format=json","vulnerability_id":"VCID-a8mv-mr3q-vygz","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42919","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09956","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0998","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09902","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11412","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11523","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1157","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11444","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1134","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11587","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11534","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11495","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11525","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11475","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138705","reference_id":"2138705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138705"},{"reference_url":"https://github.com/python/cpython/issues/97514","reference_id":"97514","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/issues/97514"},{"reference_url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840","reference_id":"97514#issuecomment-1310277840","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/","reference_id":"FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0006/","reference_id":"ntap-20221209-0006","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/","reference_id":"P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/","reference_id":"PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/","reference_id":"QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/","reference_id":"R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/","reference_id":"RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8492","reference_id":"RHSA-2022:8492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8493","reference_id":"RHSA-2022:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8493"},{"reference_url":"https://usn.ubuntu.com/5713-1/","reference_id":"USN-5713-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5713-1/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9","reference_id":"v3.10.8...v3.10.9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9"},{"reference_url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16","reference_id":"v3.9.15...v3.9.16","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/","reference_id":"VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/","reference_id":"XX6LLAXGZVZ327REY6MDZRMMP47LJ53P","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2022-42919"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8mv-mr3q-vygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38829?format=json","vulnerability_id":"VCID-bqp2-x383-xqfh","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-20107.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-20107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-20107","reference_id":"","reference_type":"","scores":[{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75672","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75706","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75685","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75719","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7573","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75754","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75735","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75767","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7577","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75755","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75794","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.758","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75812","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7582","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7585","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75874","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75859","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75873","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75926","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-20107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075390","reference_id":"2075390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6457","reference_id":"RHSA-2022:6457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6766","reference_id":"RHSA-2022:6766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7581","reference_id":"RHSA-2022:7581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7581"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7592","reference_id":"RHSA-2022:7592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7593","reference_id":"RHSA-2022:7593","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8353","reference_id":"RHSA-2022:8353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8353"},{"reference_url":"https://usn.ubuntu.com/5519-1/","reference_id":"USN-5519-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5519-1/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2015-20107"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqp2-x383-xqfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30515?format=json","vulnerability_id":"VCID-ewbq-2gm8-tyf5","summary":"Buffer overflow in sponge queue functions\n### Impact\n\nThe Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.\n\n### Patches\n\nYes, see commit [fdc6fef0](https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a).\n\n### Workarounds\n\nThe problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.\n\n### References\n\nSee [issue #105](https://github.com/XKCP/XKCP/issues/105) for more details.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37454","reference_id":"","reference_type":"","scores":[{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79931","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.7994","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.7996","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79943","published_at":"2026-04-12T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80499","published_at":"2026-04-29T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80475","published_at":"2026-04-24T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80446","published_at":"2026-04-18T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80444","published_at":"2026-04-16T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80558","published_at":"2026-05-09T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80537","published_at":"2026-05-07T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80569","published_at":"2026-05-12T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80552","published_at":"2026-05-11T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.8061","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37454"},{"reference_url":"https://csrc.nist.gov/projects/hash-functions/sha-3-project","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://csrc.nist.gov/projects/hash-functions/sha-3-project"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454"},{"reference_url":"https://eprint.iacr.org/2023/331","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://eprint.iacr.org/2023/331"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312"},{"reference_url":"https://github.com/johanns/sha3/issues/17","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/johanns/sha3/issues/17"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml"},{"reference_url":"https://github.com/tiran/pysha3/issues/29","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tiran/pysha3/issues/29"},{"reference_url":"https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a"},{"reference_url":"https://github.com/XKCP/XKCP/issues/105","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/XKCP/XKCP/issues/105"},{"reference_url":"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"},{"reference_url":"https://mouha.be/sha-3-buffer-overflow","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mouha.be/sha-3-buffer-overflow"},{"reference_url":"https://mouha.be/sha-3-buffer-overflow/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://mouha.be/sha-3-buffer-overflow/"},{"reference_url":"https://news.ycombinator.com/item?id=33281106","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://news.ycombinator.com/item?id=33281106"},{"reference_url":"https://news.ycombinator.com/item?id=35050307","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://news.ycombinator.com/item?id=35050307"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37454","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37454"},{"reference_url":"https://security.gentoo.org/glsa/202305-02","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://security.gentoo.org/glsa/202305-02"},{"reference_url":"https://www.debian.org/security/2022/dsa-5267","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://www.debian.org/security/2022/dsa-5267"},{"reference_url":"https://www.debian.org/security/2022/dsa-5269","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://www.debian.org/security/2022/dsa-5269"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030","reference_id":"1023030","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140200","reference_id":"2140200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140200"},{"reference_url":"https://github.com/advisories/GHSA-6w4m-2xhg-2658","reference_id":"GHSA-6w4m-2xhg-2658","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6w4m-2xhg-2658"},{"reference_url":"https://security.gentoo.org/glsa/202211-03","reference_id":"GLSA-202211-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202211-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0848","reference_id":"RHSA-2023:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0965","reference_id":"RHSA-2023:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2417","reference_id":"RHSA-2023:2417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2903","reference_id":"RHSA-2023:2903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2903"},{"reference_url":"https://usn.ubuntu.com/5717-1/","reference_id":"USN-5717-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5717-1/"},{"reference_url":"https://usn.ubuntu.com/5767-1/","reference_id":"USN-5767-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-1/"},{"reference_url":"https://usn.ubuntu.com/5767-3/","reference_id":"USN-5767-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-3/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/5930-1/","reference_id":"USN-5930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5930-1/"},{"reference_url":"https://usn.ubuntu.com/5931-1/","reference_id":"USN-5931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5931-1/"},{"reference_url":"https://usn.ubuntu.com/6524-1/","reference_id":"USN-6524-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6524-1/"},{"reference_url":"https://usn.ubuntu.com/6525-1/","reference_id":"USN-6525-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6525-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2022-37454","GHSA-6w4m-2xhg-2658"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewbq-2gm8-tyf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6289?format=json","vulnerability_id":"VCID-pu6r-vafw-gfe4","summary":"The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't given via proxy_config) doesn't verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28363.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28363.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28363","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2885","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28454","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28526","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28639","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2875","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28801","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28825","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28804","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28891","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28851","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28976","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28927","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29313","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29233","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29213","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29291","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29276","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29216","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28363"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2021-59.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2021-59.yaml"},{"reference_url":"https://github.com/pypa/advisory-db/tree/main/vulns/urllib3/PYSEC-2021-59.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-db/tree/main/vulns/urllib3/PYSEC-2021-59.yaml"},{"reference_url":"https://github.com/urllib3/urllib3","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3"},{"reference_url":"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#1264-2021-03-15"},{"reference_url":"https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0"},{"reference_url":"https://github.com/urllib3/urllib3/commits/main","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3/commits/main"},{"reference_url":"https://github.com/urllib3/urllib3/releases/tag/1.26.4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3/releases/tag/1.26.4"},{"reference_url":"https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28363","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28363"},{"reference_url":"https://pypi.org/project/urllib3/1.26.4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/urllib3/1.26.4"},{"reference_url":"https://pypi.org/project/urllib3/1.26.4/","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.org/project/urllib3/1.26.4/"},{"reference_url":"https://security.gentoo.org/glsa/202107-36","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202107-36"},{"reference_url":"https://security.gentoo.org/glsa/202305-02","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202305-02"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1945136","reference_id":"1945136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1945136"},{"reference_url":"https://security.archlinux.org/AVG-1691","reference_id":"AVG-1691","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1691"},{"reference_url":"https://github.com/advisories/GHSA-5phf-pp7p-vc2r","reference_id":"GHSA-5phf-pp7p-vc2r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5phf-pp7p-vc2r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2021-28363","GHSA-5phf-pp7p-vc2r","PYSEC-2021-59"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pu6r-vafw-gfe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38959?format=json","vulnerability_id":"VCID-qqh6-evfk-1fgy","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45061.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45061.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45061","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29264","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29236","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29209","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29387","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29262","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29308","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29304","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31557","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31146","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31224","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3135","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32035","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31944","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32039","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3203","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31964","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31967","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2144072","reference_id":"2144072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2144072"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/","reference_id":"2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/","reference_id":"35YDIWCUMWTMDBWFRAVENFH6BLB65D6S","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/","reference_id":"4WBZJNSALFGMPYTINIF57HAAK46U72WQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/","reference_id":"63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/","reference_id":"7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/"},{"reference_url":"https://github.com/python/cpython/issues/98433","reference_id":"98433","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://github.com/python/cpython/issues/98433"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/","reference_id":"B3YI6JYARWU6GULWOHNUROSACT54XFFS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/","reference_id":"B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/","reference_id":"BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/","reference_id":"GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/","reference_id":"IN26PWZTYG6IF3APLRXQJBVACQHZUPT2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/","reference_id":"JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/","reference_id":"JTYVESWVBPD57ZJC35G5722Q6TS37WSB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/","reference_id":"KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/","reference_id":"LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","reference_id":"msg00039.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0007/","reference_id":"ntap-20221209-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/","reference_id":"O67LRHDTJWH544KXB6KY4HMHQLYDXFPK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/","reference_id":"ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/","reference_id":"PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/","reference_id":"QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/","reference_id":"QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/","reference_id":"RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/","reference_id":"RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0833","reference_id":"RHSA-2023:0833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0953","reference_id":"RHSA-2023:0953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2763","reference_id":"RHSA-2023:2763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2764","reference_id":"RHSA-2023:2764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2860","reference_id":"RHSA-2023:2860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0430","reference_id":"RHSA-2024:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0430"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/","reference_id":"RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/","reference_id":"T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/","reference_id":"UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/"},{"reference_url":"https://usn.ubuntu.com/5767-1/","reference_id":"USN-5767-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-1/"},{"reference_url":"https://usn.ubuntu.com/5767-2/","reference_id":"USN-5767-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-2/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7212-1/","reference_id":"USN-7212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7212-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/","reference_id":"VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/","reference_id":"X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/","reference_id":"XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/","reference_id":"YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/","reference_id":"ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2022-45061"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqh6-evfk-1fgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38909?format=json","vulnerability_id":"VCID-vpwj-d49q-1uh8","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391","reference_id":"","reference_type":"","scores":[{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.7912","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79099","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79137","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.7915","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79135","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79186","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79807","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79882","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79865","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79885","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79918","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79941","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376","reference_id":"2047376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/","reference_id":"CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/"},{"reference_url":"https://bugs.python.org/issue43882","reference_id":"issue43882","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://bugs.python.org/issue43882"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220225-0009/","reference_id":"ntap-20220225-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220225-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1663","reference_id":"RHSA-2022:1663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1764","reference_id":"RHSA-2022:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1821","reference_id":"RHSA-2022:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6457","reference_id":"RHSA-2022:6457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6457"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/","reference_id":"UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/"},{"reference_url":"https://usn.ubuntu.com/5342-1/","reference_id":"USN-5342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5342-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5342-2/","reference_id":"USN-USN-5342-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5342-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2022-0391"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38889?format=json","vulnerability_id":"VCID-z48d-eyxz-bycq","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29921","reference_id":"","reference_type":"","scores":[{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.84039","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83988","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.84005","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83819","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.8389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83891","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83916","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83928","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83951","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83972","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83989","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957458","reference_id":"1957458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957458"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195","reference_id":"989195","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195"},{"reference_url":"https://security.archlinux.org/AVG-1913","reference_id":"AVG-1913","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1913"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4160","reference_id":"RHSA-2021:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4162","reference_id":"RHSA-2021:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4162"},{"reference_url":"https://usn.ubuntu.com/4973-1/","reference_id":"USN-4973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4973-1/"},{"reference_url":"https://usn.ubuntu.com/4973-2/","reference_id":"USN-4973-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4973-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2021-29921"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13153?format=json","vulnerability_id":"VCID-zwuz-pgjz-rkb9","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nA vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3654.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3654","reference_id":"","reference_type":"","scores":[{"value":"0.87234","scoring_system":"epss","scoring_elements":"0.99455","published_at":"2026-04-29T12:55:00Z"},{"value":"0.87234","scoring_system":"epss","scoring_elements":"0.99452","published_at":"2026-04-18T12:55:00Z"},{"value":"0.87234","scoring_system":"epss","scoring_elements":"0.99453","published_at":"2026-04-21T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99445","published_at":"2026-04-04T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99453","published_at":"2026-04-16T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.9945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99449","published_at":"2026-04-11T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99448","published_at":"2026-04-09T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99446","published_at":"2026-04-07T12:55:00Z"},{"value":"0.87248","scoring_system":"epss","scoring_elements":"0.99444","published_at":"2026-04-02T12:55:00Z"},{"value":"0.88366","scoring_system":"epss","scoring_elements":"0.99507","published_at":"2026-05-11T12:55:00Z"},{"value":"0.88366","scoring_system":"epss","scoring_elements":"0.99504","published_at":"2026-05-07T12:55:00Z"},{"value":"0.88366","scoring_system":"epss","scoring_elements":"0.99505","published_at":"2026-05-09T12:55:00Z"},{"value":"0.88366","scoring_system":"epss","scoring_elements":"0.99508","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3654"},{"reference_url":"https://bugs.launchpad.net/nova/+bug/1927677","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/nova/+bug/1927677"},{"reference_url":"https://bugs.python.org/issue32084","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.python.org/issue32084"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961439","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://opendev.org/openstack/nova","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://opendev.org/openstack/nova"},{"reference_url":"https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66"},{"reference_url":"https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb"},{"reference_url":"https://security.gentoo.org/glsa/202305-02","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202305-02"},{"reference_url":"https://security.openstack.org/ossa/OSSA-2021-002.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.openstack.org/ossa/OSSA-2021-002.html"},{"reference_url":"https://www.openwall.com/lists/oss-security/2021/07/29/2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2021/07/29/2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991441","reference_id":"991441","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991441"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3654","reference_id":"CVE-2021-3654","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3654"},{"reference_url":"https://github.com/advisories/GHSA-vqp6-j452-j6wp","reference_id":"GHSA-vqp6-j452-j6wp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vqp6-j452-j6wp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0983","reference_id":"RHSA-2022:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0999","reference_id":"RHSA-2022:0999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0999"},{"reference_url":"https://usn.ubuntu.com/5866-1/","reference_id":"USN-5866-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5866-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75341?format=json","purl":"pkg:ebuild/dev-lang/python@3.8.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75342?format=json","purl":"pkg:ebuild/dev-lang/python@3.9.15_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.15_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75343?format=json","purl":"pkg:ebuild/dev-lang/python@3.10.8_p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.8_p3"},{"url":"http://public2.vulnerablecode.io/api/packages/75344?format=json","purl":"pkg:ebuild/dev-lang/python@3.11.0_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.0_p2"},{"url":"http://public2.vulnerablecode.io/api/packages/75345?format=json","purl":"pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.0_alpha1_p2"}],"aliases":["CVE-2021-3654","GHSA-vqp6-j452-j6wp"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwuz-pgjz-rkb9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.15_p3"}