{"url":"http://public2.vulnerablecode.io/api/packages/87345?format=json","purl":"pkg:rpm/redhat/ceph@2:18.2.1-381?arch=el8cp","type":"rpm","namespace":"redhat","name":"ceph","version":"2:18.2.1-381","qualifiers":{"arch":"el8cp"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64960?format=json","vulnerability_id":"VCID-18bk-met9-qfc9","summary":"pybind: Improper use of Pybind","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573","reference_id":"1126573","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389907","reference_id":"2389907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2711","reference_id":"RHSA-2026:2711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2800","reference_id":"RHSA-2026:2800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2800"},{"reference_url":"https://usn.ubuntu.com/8045-1/","reference_id":"USN-8045-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8045-1/"}],"fixed_packages":[],"aliases":["CVE-2024-31884"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-18bk-met9-qfc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66482?format=json","vulnerability_id":"VCID-1yz5-m9s7-nqdm","summary":"rgw: RGW DoS attack with empty HTTP header in S3 object copy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47866","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37365","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37504","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37392","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37276","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37344","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40504","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.405","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40541","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40484","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40532","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41399","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43654","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43642","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47866"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797","reference_id":"1120797","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392386","reference_id":"2392386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392386"},{"reference_url":"https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8","reference_id":"GHSA-mgrm-g92q-f8h8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:29:41Z/"}],"url":"https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8"},{"reference_url":"https://usn.ubuntu.com/8045-1/","reference_id":"USN-8045-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8045-1/"}],"fixed_packages":[],"aliases":["CVE-2024-47866"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yz5-m9s7-nqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48833?format=json","vulnerability_id":"VCID-864e-hkby-qfh6","summary":"Arbitrary Code Execution in underscore\nThe package `underscore` from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23358.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23358","reference_id":"","reference_type":"","scores":[{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77961","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77944","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77914","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77819","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.7788","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77848","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77855","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77818","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77835","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77804","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77777","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77793","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77767","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.7776","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77888","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358"},{"reference_url":"http://seclists.org/fulldisclosure/2025/Apr/14","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2025/Apr/14"},{"reference_url":"https://github.com/jashkenas/underscore","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jashkenas/underscore"},{"reference_url":"https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71"},{"reference_url":"https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66"},{"reference_url":"https://github.com/jashkenas/underscore/pull/2917","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jashkenas/underscore/pull/2917"},{"reference_url":"https://github.com/jashkenas/underscore/releases/tag/1.12.1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jashkenas/underscore/releases/tag/1.12.1"},{"reference_url":"https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23358","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23358"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240808-0003","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240808-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20241108-0002","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20241108-0002"},{"reference_url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504"},{"reference_url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505"},{"reference_url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503"},{"reference_url":"https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984"},{"reference_url":"https://www.debian.org/security/2021/dsa-4883","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://www.debian.org/security/2021/dsa-4883"},{"reference_url":"https://www.npmjs.com/package/underscore","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.npmjs.com/package/underscore"},{"reference_url":"https://www.tenable.com/security/tns-2021-14","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://www.tenable.com/security/tns-2021-14"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1944286","reference_id":"1944286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1944286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986171","reference_id":"986171","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986171"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/","reference_id":"EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/","reference_id":"FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/"},{"reference_url":"https://github.com/advisories/GHSA-cf4h-3jhx-xvhq","reference_id":"GHSA-cf4h-3jhx-xvhq","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cf4h-3jhx-xvhq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1448","reference_id":"RHSA-2021:1448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2865","reference_id":"RHSA-2021:2865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6393","reference_id":"RHSA-2022:6393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3406","reference_id":"RHSA-2026:3406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3406"},{"reference_url":"https://usn.ubuntu.com/4913-1/","reference_id":"USN-4913-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4913-1/"},{"reference_url":"https://usn.ubuntu.com/4913-2/","reference_id":"USN-4913-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4913-2/"}],"fixed_packages":[],"aliases":["CVE-2021-23358","GHSA-cf4h-3jhx-xvhq"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-864e-hkby-qfh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26996?format=json","vulnerability_id":"VCID-h8nr-tcb7-93em","summary":"Cross-site Scripting (XSS) in serialize-javascript\nA flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2025:0304","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHBA-2025:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0381","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:0381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10853","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1334","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1468","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:1468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21068","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21203","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3870","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4511","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8059","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8078","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8233","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8479","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8512","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8544","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8551","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9294","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1536","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:1536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2769","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:2769"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11831.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11831.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-11831","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-11831"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11831","reference_id":"","reference_type":"","scores":[{"value":"0.00938","scoring_system":"epss","scoring_elements":"0.76268","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00938","scoring_system":"epss","scoring_elements":"0.7623","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78015","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78041","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78024","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78022","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78058","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78056","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78368","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78271","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78423","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78398","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.7829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01129","scoring_system":"epss","scoring_elements":"0.78385","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11831"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312579","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2312579"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/yahoo/serialize-javascript","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yahoo/serialize-javascript"},{"reference_url":"https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25"},{"reference_url":"https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"},{"reference_url":"https://github.com/yahoo/serialize-javascript/pull/173","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://github.com/yahoo/serialize-javascript/pull/173"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-11831","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-11831"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095767","reference_id":"1095767","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095767"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2","reference_id":"cpe:/a:redhat:acm:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4","reference_id":"cpe:/a:redhat:advanced_cluster_security:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8","reference_id":"cpe:/a:redhat:advanced_cluster_security:4.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8","reference_id":"cpe:/a:redhat:advanced_cluster_security:4.5::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2","reference_id":"cpe:/a:redhat:ansible_automation_platform:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4","reference_id":"cpe:/a:redhat:apache_camel_hawtio:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7","reference_id":"cpe:/a:redhat:ceph_storage:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el8","reference_id":"cpe:/a:redhat:ceph_storage:7.1::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el9","reference_id":"cpe:/a:redhat:ceph_storage:7.1::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8","reference_id":"cpe:/a:redhat:ceph_storage:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8.1::el9","reference_id":"cpe:/a:redhat:ceph_storage:8.1::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8.1::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9","reference_id":"cpe:/a:redhat:ceph_storage:8::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9","reference_id":"cpe:/a:redhat:ceph_storage:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el10","reference_id":"cpe:/a:redhat:ceph_storage:9.0::el10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el9","reference_id":"cpe:/a:redhat:ceph_storage:9.0::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:3","reference_id":"cpe:/a:redhat:cryostat:3","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1","reference_id":"cpe:/a:redhat:discovery:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1","reference_id":"cpe:/a:redhat:integration:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8","reference_id":"cpe:/a:redhat:jboss_data_grid:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp","reference_id":"cpe:/a:redhat:jbosseapxp","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7","reference_id":"cpe:/a:redhat:jboss_enterprise_application_platform:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8","reference_id":"cpe:/a:redhat:jboss_enterprise_application_platform:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7","reference_id":"cpe:/a:redhat:jboss_enterprise_bpms_platform:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7","reference_id":"cpe:/a:redhat:jboss_fuse:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5","reference_id":"cpe:/a:redhat:logging:5","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_virtualization:2","reference_id":"cpe:/a:redhat:migration_toolkit_virtualization:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_virtualization:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11","reference_id":"cpe:/a:redhat:openshift:3.11","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai","reference_id":"cpe:/a:redhat:openshift_ai","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.14::el9","reference_id":"cpe:/a:redhat:openshift_data_foundation:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9","reference_id":"cpe:/a:redhat:openshift_data_foundation:4.15::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.16::el9","reference_id":"cpe:/a:redhat:openshift_data_foundation:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.17::el9","reference_id":"cpe:/a:redhat:openshift_data_foundation:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.18::el9","reference_id":"cpe:/a:redhat:openshift_data_foundation:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3","reference_id":"cpe:/a:redhat:openshift_devspaces:3","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3","reference_id":"cpe:/a:redhat:openshift_distributed_tracing:3","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_lightspeed","reference_id":"cpe:/a:redhat:openshift_lightspeed","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_lightspeed"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1","reference_id":"cpe:/a:redhat:openshift_pipelines:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.14::el8","reference_id":"cpe:/a:redhat:openshift_pipelines:1.14::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.14::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.15::el8","reference_id":"cpe:/a:redhat:openshift_pipelines:1.15::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.15::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.16::el8","reference_id":"cpe:/a:redhat:openshift_pipelines:1.16::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.16::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.17::el8","reference_id":"cpe:/a:redhat:openshift_pipelines:1.17::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.17::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.18::el9","reference_id":"cpe:/a:redhat:openshift_pipelines:1.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.19::el9","reference_id":"cpe:/a:redhat:openshift_pipelines:1.19::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.19::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6","reference_id":"cpe:/a:redhat:optaplanner:::el6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3","reference_id":"cpe:/a:redhat:quay:3","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_3scale_amp:2","reference_id":"cpe:/a:redhat:red_hat_3scale_amp:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_3scale_amp:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7","reference_id":"cpe:/a:redhat:red_hat_single_sign_on:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhdh:1","reference_id":"cpe:/a:redhat:rhdh:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhdh:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_dotnet:6.0","reference_id":"cpe:/a:redhat:rhel_dotnet:6.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_dotnet:6.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6","reference_id":"cpe:/a:redhat:satellite:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1","reference_id":"cpe:/a:redhat:serverless:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2","reference_id":"cpe:/a:redhat:service_mesh:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2","reference_id":"cpe:/a:redhat:service_registry:2","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:trusted_profile_analyzer:1","reference_id":"cpe:/a:redhat:trusted_profile_analyzer:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:trusted_profile_analyzer:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://github.com/advisories/GHSA-76p7-773f-r4q5","reference_id":"GHSA-76p7-773f-r4q5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-76p7-773f-r4q5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8568","reference_id":"RHSA-2026:8568","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:8568"}],"fixed_packages":[],"aliases":["CVE-2024-11831","GHSA-76p7-773f-r4q5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8nr-tcb7-93em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66412?format=json","vulnerability_id":"VCID-hay4-q9m3-ekdj","summary":"crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61729","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01529","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01544","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01538","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06141","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06153","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06363","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06325","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06307","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06124","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06166","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06204","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0619","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06181","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847","reference_id":"1121847","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848","reference_id":"1121848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418462","reference_id":"2418462","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418462"},{"reference_url":"https://go.dev/cl/725920","reference_id":"725920","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://go.dev/cl/725920"},{"reference_url":"https://go.dev/issue/76445","reference_id":"76445","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://go.dev/issue/76445"},{"reference_url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4","reference_id":"8FJoBkPddm4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4155","reference_id":"GO-2025-4155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0921","reference_id":"RHSA-2026:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0922","reference_id":"RHSA-2026:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0923","reference_id":"RHSA-2026:0923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0981","reference_id":"RHSA-2026:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0990","reference_id":"RHSA-2026:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1018","reference_id":"RHSA-2026:1018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1038","reference_id":"RHSA-2026:1038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1042","reference_id":"RHSA-2026:1042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10698","reference_id":"RHSA-2026:10698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1166","reference_id":"RHSA-2026:1166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1168","reference_id":"RHSA-2026:1168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12279","reference_id":"RHSA-2026:12279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1249","reference_id":"RHSA-2026:1249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1344","reference_id":"RHSA-2026:1344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13542","reference_id":"RHSA-2026:13542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13571","reference_id":"RHSA-2026:13571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1416","reference_id":"RHSA-2026:1416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1431","reference_id":"RHSA-2026:1431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1497","reference_id":"RHSA-2026:1497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1506","reference_id":"RHSA-2026:1506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1517","reference_id":"RHSA-2026:1517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1518","reference_id":"RHSA-2026:1518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1715","reference_id":"RHSA-2026:1715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1813","reference_id":"RHSA-2026:1813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1814","reference_id":"RHSA-2026:1814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1845","reference_id":"RHSA-2026:1845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1896","reference_id":"RHSA-2026:1896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1907","reference_id":"RHSA-2026:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1908","reference_id":"RHSA-2026:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1938","reference_id":"RHSA-2026:1938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2123","reference_id":"RHSA-2026:2123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2124","reference_id":"RHSA-2026:2124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2133","reference_id":"RHSA-2026:2133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2136","reference_id":"RHSA-2026:2136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2138","reference_id":"RHSA-2026:2138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2144","reference_id":"RHSA-2026:2144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2146","reference_id":"RHSA-2026:2146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2147","reference_id":"RHSA-2026:2147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2148","reference_id":"RHSA-2026:2148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2149","reference_id":"RHSA-2026:2149","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2149"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2201","reference_id":"RHSA-2026:2201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2217","reference_id":"RHSA-2026:2217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2218","reference_id":"RHSA-2026:2218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2219","reference_id":"RHSA-2026:2219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2223","reference_id":"RHSA-2026:2223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2265","reference_id":"RHSA-2026:2265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2320","reference_id":"RHSA-2026:2320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2323","reference_id":"RHSA-2026:2323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2334","reference_id":"RHSA-2026:2334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2343","reference_id":"RHSA-2026:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2367","reference_id":"RHSA-2026:2367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2371","reference_id":"RHSA-2026:2371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2374","reference_id":"RHSA-2026:2374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2375","reference_id":"RHSA-2026:2375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2376","reference_id":"RHSA-2026:2376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2441","reference_id":"RHSA-2026:2441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2454","reference_id":"RHSA-2026:2454","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2454"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2456","reference_id":"RHSA-2026:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2571","reference_id":"RHSA-2026:2571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2654","reference_id":"RHSA-2026:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2675","reference_id":"RHSA-2026:2675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2754","reference_id":"RHSA-2026:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2762","reference_id":"RHSA-2026:2762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2914","reference_id":"RHSA-2026:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2920","reference_id":"RHSA-2026:2920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2921","reference_id":"RHSA-2026:2921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2922","reference_id":"RHSA-2026:2922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2926","reference_id":"RHSA-2026:2926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2927","reference_id":"RHSA-2026:2927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2951","reference_id":"RHSA-2026:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3035","reference_id":"RHSA-2026:3035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3040","reference_id":"RHSA-2026:3040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3053","reference_id":"RHSA-2026:3053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3087","reference_id":"RHSA-2026:3087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3104","reference_id":"RHSA-2026:3104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3107","reference_id":"RHSA-2026:3107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3108","reference_id":"RHSA-2026:3108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3111","reference_id":"RHSA-2026:3111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3184","reference_id":"RHSA-2026:3184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3287","reference_id":"RHSA-2026:3287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3288","reference_id":"RHSA-2026:3288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3289","reference_id":"RHSA-2026:3289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3291","reference_id":"RHSA-2026:3291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3296","reference_id":"RHSA-2026:3296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3297","reference_id":"RHSA-2026:3297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3298","reference_id":"RHSA-2026:3298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3336","reference_id":"RHSA-2026:3336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3337","reference_id":"RHSA-2026:3337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3340","reference_id":"RHSA-2026:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3341","reference_id":"RHSA-2026:3341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3343","reference_id":"RHSA-2026:3343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3428","reference_id":"RHSA-2026:3428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3459","reference_id":"RHSA-2026:3459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3506","reference_id":"RHSA-2026:3506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3713","reference_id":"RHSA-2026:3713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3752","reference_id":"RHSA-2026:3752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3753","reference_id":"RHSA-2026:3753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3782","reference_id":"RHSA-2026:3782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3812","reference_id":"RHSA-2026:3812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3815","reference_id":"RHSA-2026:3815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3816","reference_id":"RHSA-2026:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3817","reference_id":"RHSA-2026:3817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3818","reference_id":"RHSA-2026:3818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3820","reference_id":"RHSA-2026:3820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3821","reference_id":"RHSA-2026:3821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3822","reference_id":"RHSA-2026:3822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3827","reference_id":"RHSA-2026:3827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3831","reference_id":"RHSA-2026:3831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3833","reference_id":"RHSA-2026:3833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3835","reference_id":"RHSA-2026:3835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3836","reference_id":"RHSA-2026:3836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3838","reference_id":"RHSA-2026:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3839","reference_id":"RHSA-2026:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3840","reference_id":"RHSA-2026:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3841","reference_id":"RHSA-2026:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3843","reference_id":"RHSA-2026:3843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3854","reference_id":"RHSA-2026:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3864","reference_id":"RHSA-2026:3864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3879","reference_id":"RHSA-2026:3879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3880","reference_id":"RHSA-2026:3880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3884","reference_id":"RHSA-2026:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3905","reference_id":"RHSA-2026:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3928","reference_id":"RHSA-2026:3928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3929","reference_id":"RHSA-2026:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3930","reference_id":"RHSA-2026:3930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3931","reference_id":"RHSA-2026:3931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3932","reference_id":"RHSA-2026:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3970","reference_id":"RHSA-2026:3970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3971","reference_id":"RHSA-2026:3971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3972","reference_id":"RHSA-2026:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3973","reference_id":"RHSA-2026:3973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3974","reference_id":"RHSA-2026:3974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4164","reference_id":"RHSA-2026:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4166","reference_id":"RHSA-2026:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4185","reference_id":"RHSA-2026:4185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4211","reference_id":"RHSA-2026:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4270","reference_id":"RHSA-2026:4270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4276","reference_id":"RHSA-2026:4276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4464","reference_id":"RHSA-2026:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4466","reference_id":"RHSA-2026:4466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4467","reference_id":"RHSA-2026:4467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4498","reference_id":"RHSA-2026:4498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4500","reference_id":"RHSA-2026:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4510","reference_id":"RHSA-2026:4510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4753","reference_id":"RHSA-2026:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4892","reference_id":"RHSA-2026:4892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4901","reference_id":"RHSA-2026:4901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4907","reference_id":"RHSA-2026:4907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4936","reference_id":"RHSA-2026:4936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4939","reference_id":"RHSA-2026:4939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4942","reference_id":"RHSA-2026:4942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4952","reference_id":"RHSA-2026:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5022","reference_id":"RHSA-2026:5022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5030","reference_id":"RHSA-2026:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5031","reference_id":"RHSA-2026:5031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5076","reference_id":"RHSA-2026:5076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5077","reference_id":"RHSA-2026:5077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5078","reference_id":"RHSA-2026:5078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5079","reference_id":"RHSA-2026:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5146","reference_id":"RHSA-2026:5146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5327","reference_id":"RHSA-2026:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5394","reference_id":"RHSA-2026:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5461","reference_id":"RHSA-2026:5461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5533","reference_id":"RHSA-2026:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5544","reference_id":"RHSA-2026:5544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5636","reference_id":"RHSA-2026:5636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5807","reference_id":"RHSA-2026:5807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5851","reference_id":"RHSA-2026:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5852","reference_id":"RHSA-2026:5852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5853","reference_id":"RHSA-2026:5853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5866","reference_id":"RHSA-2026:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6184","reference_id":"RHSA-2026:6184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6192","reference_id":"RHSA-2026:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6428","reference_id":"RHSA-2026:6428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7052","reference_id":"RHSA-2026:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7676","reference_id":"RHSA-2026:7676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7854","reference_id":"RHSA-2026:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7942","reference_id":"RHSA-2026:7942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8218","reference_id":"RHSA-2026:8218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9848","reference_id":"RHSA-2026:9848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9848"}],"fixed_packages":[],"aliases":["CVE-2025-61729"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hay4-q9m3-ekdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9083?format=json","vulnerability_id":"VCID-qb4z-jzem-myee","summary":"In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34749.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34749","reference_id":"","reference_type":"","scores":[{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66967","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66928","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66904","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66896","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66882","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66876","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.6684","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66885","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34749"},{"reference_url":"https://github.com/advisories/GHSA-fw3v-x4f2-v673","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fw3v-x4f2-v673"},{"reference_url":"https://github.com/lepture/mistune","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lepture/mistune"},{"reference_url":"https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2"},{"reference_url":"https://github.com/lepture/mistune/commit/ca1e7b506850f4e488823fc7338b49a8f9852718","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lepture/mistune/commit/ca1e7b506850f4e488823fc7338b49a8f9852718"},{"reference_url":"https://github.com/lepture/mistune/issues/314#issuecomment-1223972386","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lepture/mistune/issues/314#issuecomment-1223972386"},{"reference_url":"https://github.com/lepture/mistune/releases","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lepture/mistune/releases"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mistune/PYSEC-2022-237.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mistune/PYSEC-2022-237.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQHXITQ2DSBYOILKHXBSBB7PFBPZHF63","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQHXITQ2DSBYOILKHXBSBB7PFBPZHF63"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34749","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34749"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016089","reference_id":"1016089","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016089"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112230","reference_id":"2112230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2711","reference_id":"RHSA-2026:2711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"}],"fixed_packages":[],"aliases":["CVE-2022-34749","GHSA-fw3v-x4f2-v673","PYSEC-2022-237"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qb4z-jzem-myee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17062?format=json","vulnerability_id":"VCID-qp47-aewx-wufh","summary":"Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations\n### Summary\n\nUnclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens.\n\n### Fix\n\nWe have back-ported the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in \"dangerous\" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release.\n\n### Workaround \n\nWe are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors (\"dangerous\" ones first), so that you are not running in the case detailed above.\n\n```Go\ntoken, err := /* jwt.Parse or similar */\nif token.Valid {\n\tfmt.Println(\"You look nice today\")\n} else if errors.Is(err, jwt.ErrTokenMalformed) {\n\tfmt.Println(\"That's not even a token\")\n} else if errors.Is(err, jwt.ErrTokenUnverifiable) {\n\tfmt.Println(\"We could not verify this token\")\n} else if errors.Is(err, jwt.ErrTokenSignatureInvalid) {\n\tfmt.Println(\"This token has an invalid signature\")\n} else if errors.Is(err, jwt.ErrTokenExpired) || errors.Is(err, jwt.ErrTokenNotValidYet) {\n\t// Token is either expired or not active yet\n\tfmt.Println(\"Timing is everything\")\n} else {\n\tfmt.Println(\"Couldn't handle this token:\", err)\n}\n```","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51744.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51744","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18661","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19036","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1885","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18761","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18779","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18644","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18601","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18475","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18559","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18984","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51744"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/golang-jwt/jwt","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/golang-jwt/jwt"},{"reference_url":"https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-05T16:11:29Z/"}],"url":"https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c"},{"reference_url":"https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-05T16:11:29Z/"}],"url":"https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51744","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51744"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086792","reference_id":"1086792","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086792"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323735","reference_id":"2323735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2323735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11351","reference_id":"RHSA-2025:11351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3406","reference_id":"RHSA-2026:3406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3406"}],"fixed_packages":[],"aliases":["CVE-2024-51744","GHSA-29wx-vh33-7x7r"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp47-aewx-wufh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68988?format=json","vulnerability_id":"VCID-r1ah-c6z7-vyen","summary":"ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52555","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05591","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05595","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0562","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05584","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05532","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05705","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17159","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.1707","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17271","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17295","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17251","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410","reference_id":"1108410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374412","reference_id":"2374412","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374412"},{"reference_url":"https://github.com/ceph/ceph/pull/60314","reference_id":"60314","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/"}],"url":"https://github.com/ceph/ceph/pull/60314"},{"reference_url":"https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm","reference_id":"GHSA-89hm-qq33-2fjm","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/"}],"url":"https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm"}],"fixed_packages":[],"aliases":["CVE-2025-52555"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ah-c6z7-vyen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14920?format=json","vulnerability_id":"VCID-s6f3-3mxh-ekfr","summary":"Predictable results in nanoid generation when given non-integer values\nWhen nanoid is called with a fractional value, there were a number of undesirable effects:\n\n1. in browser and non-secure, the code infinite loops on while (size--)\n2. in node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled\n3. if the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nVersion 3.3.8 and 5.0.9 are fixed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55565.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55565","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28479","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29028","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29078","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28887","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28997","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29001","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28956","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28907","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28931","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28906","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2886","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28741","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2863","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28561","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.284","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28457","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55565"},{"reference_url":"https://github.com/ai/nanoid","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ai/nanoid"},{"reference_url":"https://github.com/ai/nanoid/compare/3.3.7...3.3.8","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/"}],"url":"https://github.com/ai/nanoid/compare/3.3.7...3.3.8"},{"reference_url":"https://github.com/ai/nanoid/pull/510","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/"}],"url":"https://github.com/ai/nanoid/pull/510"},{"reference_url":"https://github.com/ai/nanoid/releases/tag/5.0.9","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/"}],"url":"https://github.com/ai/nanoid/releases/tag/5.0.9"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00006.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55565","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2331063","reference_id":"2331063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2331063"},{"reference_url":"https://github.com/advisories/GHSA-mwcw-c2x4-8c55","reference_id":"GHSA-mwcw-c2x4-8c55","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mwcw-c2x4-8c55"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10990","reference_id":"RHSA-2024:10990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0079","reference_id":"RHSA-2025:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0082","reference_id":"RHSA-2025:0082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0340","reference_id":"RHSA-2025:0340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0654","reference_id":"RHSA-2025:0654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0723","reference_id":"RHSA-2025:0723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0778","reference_id":"RHSA-2025:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0785","reference_id":"RHSA-2025:0785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0851","reference_id":"RHSA-2025:0851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0875","reference_id":"RHSA-2025:0875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0892","reference_id":"RHSA-2025:0892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1051","reference_id":"RHSA-2025:1051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1448","reference_id":"RHSA-2025:1448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2652","reference_id":"RHSA-2025:2652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3368","reference_id":"RHSA-2025:3368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3374","reference_id":"RHSA-2025:3374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3397","reference_id":"RHSA-2025:3397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3406","reference_id":"RHSA-2026:3406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3406"}],"fixed_packages":[],"aliases":["CVE-2024-55565","GHSA-mwcw-c2x4-8c55"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s6f3-3mxh-ekfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66475?format=json","vulnerability_id":"VCID-sty6-gwh1-hbcy","summary":"golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47913.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47913","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01899","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02017","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02039","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02031","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04957","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04813","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04852","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04913","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0592","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11696","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11751","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11824","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47913"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414943","reference_id":"2414943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414943"},{"reference_url":"https://go.dev/cl/700295","reference_id":"700295","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/"}],"url":"https://go.dev/cl/700295"},{"reference_url":"https://go.dev/issue/75178","reference_id":"75178","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/"}],"url":"https://go.dev/issue/75178"},{"reference_url":"https://github.com/advisories/GHSA-56w8-48fp-6mgv","reference_id":"GHSA-56w8-48fp-6mgv","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/"}],"url":"https://github.com/advisories/GHSA-56w8-48fp-6mgv"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4116","reference_id":"GO-2025-4116","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22743","reference_id":"RHSA-2025:22743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22955","reference_id":"RHSA-2025:22955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23028","reference_id":"RHSA-2025:23028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23059","reference_id":"RHSA-2025:23059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23060","reference_id":"RHSA-2025:23060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23061","reference_id":"RHSA-2025:23061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23064","reference_id":"RHSA-2025:23064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23176","reference_id":"RHSA-2025:23176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23531","reference_id":"RHSA-2025:23531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23546","reference_id":"RHSA-2025:23546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0436","reference_id":"RHSA-2026:0436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0437","reference_id":"RHSA-2026:0437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0470","reference_id":"RHSA-2026:0470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0527","reference_id":"RHSA-2026:0527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0545","reference_id":"RHSA-2026:0545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0753","reference_id":"RHSA-2026:0753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1018","reference_id":"RHSA-2026:1018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1084","reference_id":"RHSA-2026:1084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13431","reference_id":"RHSA-2026:13431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13450","reference_id":"RHSA-2026:13450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13630","reference_id":"RHSA-2026:13630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2136","reference_id":"RHSA-2026:2136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2454","reference_id":"RHSA-2026:2454","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2454"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2922","reference_id":"RHSA-2026:2922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3122","reference_id":"RHSA-2026:3122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3827","reference_id":"RHSA-2026:3827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4532","reference_id":"RHSA-2026:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5167","reference_id":"RHSA-2026:5167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5222","reference_id":"RHSA-2026:5222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6503","reference_id":"RHSA-2026:6503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"}],"fixed_packages":[],"aliases":["CVE-2025-47913"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sty6-gwh1-hbcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/26923?format=json","vulnerability_id":"VCID-vzq7-t235-ukd5","summary":"DOMPurify allows Cross-site Scripting (XSS)\nDOMPurify before 3.2.4 has an incorrect template literal regular expression when SAFE_FOR_TEMPLATES is set to true, sometimes leading to mutation cross-site scripting (mXSS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26791.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26791","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26427","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26319","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26426","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26455","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26449","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26552","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26497","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26887","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26935","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29052","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29037","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.28975","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37796","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37771","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26791"},{"reference_url":"https://ensy.zip/posts/dompurify-323-bypass","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://ensy.zip/posts/dompurify-323-bypass"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/cure53/DOMPurify","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cure53/DOMPurify"},{"reference_url":"https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/"}],"url":"https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02"},{"reference_url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.4","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/"}],"url":"https://github.com/cure53/DOMPurify/releases/tag/3.2.4"},{"reference_url":"https://nsysean.github.io/posts/dompurify-323-bypass","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nsysean.github.io/posts/dompurify-323-bypass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26791","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26791"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098325","reference_id":"1098325","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098325"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345695","reference_id":"2345695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345695"},{"reference_url":"https://ensy.zip/posts/dompurify-323-bypass/","reference_id":"dompurify-323-bypass","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/"}],"url":"https://ensy.zip/posts/dompurify-323-bypass/"},{"reference_url":"https://nsysean.github.io/posts/dompurify-323-bypass/","reference_id":"dompurify-323-bypass","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/"}],"url":"https://nsysean.github.io/posts/dompurify-323-bypass/"},{"reference_url":"https://github.com/advisories/GHSA-vhxf-7vqr-mrjg","reference_id":"GHSA-vhxf-7vqr-mrjg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vhxf-7vqr-mrjg"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10020","reference_id":"RHSA-2025:10020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1875","reference_id":"RHSA-2025:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2518","reference_id":"RHSA-2025:2518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3368","reference_id":"RHSA-2025:3368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3397","reference_id":"RHSA-2025:3397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3886","reference_id":"RHSA-2025:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7626","reference_id":"RHSA-2025:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3406","reference_id":"RHSA-2026:3406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3406"}],"fixed_packages":[],"aliases":["CVE-2025-26791","GHSA-vhxf-7vqr-mrjg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzq7-t235-ukd5"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:18.2.1-381%3Farch=el8cp"}