VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/88253?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/88253?format=api",
    "purl": "pkg:rpm/redhat/python3.9@3.9.25-2?arch=el9_7",
    "type": "rpm",
    "namespace": "redhat",
    "name": "python3.9",
    "version": "3.9.25-2",
    "qualifiers": {
        "arch": "el9_7"
    },
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": null,
    "latest_non_vulnerable_version": null,
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75055?format=api",
            "vulnerability_id": "VCID-8hug-fhhb-sbgt",
            "summary": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5642.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5642.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5642",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00161",
                            "scoring_system": "epss",
                            "scoring_elements": "0.36996",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00161",
                            "scoring_system": "epss",
                            "scoring_elements": "0.36944",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00161",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3697",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00161",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37004",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00187",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40129",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00187",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40497",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00187",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40548",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00187",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40268",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41215",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41186",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41113",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40987",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41214",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41002",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00192",
                            "scoring_system": "epss",
                            "scoring_elements": "0.41184",
                            "published_at": "2026-04-02T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5642"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5642",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5642"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/python/cpython/issues/121227",
                    "reference_id": "121227",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/issues/121227"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682",
                    "reference_id": "2294682",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"
                },
                {
                    "reference_url": "https://github.com/python/cpython/pull/23014",
                    "reference_id": "23014",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/pull/23014"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e",
                    "reference_id": "39258d3595300bc7b952854c915f63ae2d4b9c3e",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/28/4",
                    "reference_id": "4",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/a2cdbb6e8188ba9ba8b356b28d91bff60e86fe31",
                    "reference_id": "a2cdbb6e8188ba9ba8b356b28d91bff60e86fe31",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/a2cdbb6e8188ba9ba8b356b28d91bff60e86fe31"
                },
                {
                    "reference_url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html",
                    "reference_id": "cve-2024-5535-openssl-memory-safety.html",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20240726-0005/",
                    "reference_id": "ntap-20240726-0005",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20240726-0005/"
                },
                {
                    "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/",
                    "reference_id": "PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-28T13:47:34Z/"
                        }
                    ],
                    "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23342",
                    "reference_id": "RHSA-2025:23342",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23342"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530",
                    "reference_id": "RHSA-2025:23530",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23530"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414",
                    "reference_id": "RHSA-2026:0414",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0414"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0685",
                    "reference_id": "RHSA-2026:0685",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0685"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652",
                    "reference_id": "RHSA-2026:1652",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1652"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2024-5642"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hug-fhhb-sbgt"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69414?format=api",
            "vulnerability_id": "VCID-emaw-jmek-9bcy",
            "summary": "cpython: Python HTMLParser quadratic complexity",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6069.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6069.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6069",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00283",
                            "scoring_system": "epss",
                            "scoring_elements": "0.51588",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5389",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.53842",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.53844",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.53818",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.53792",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00306",
                            "scoring_system": "epss",
                            "scoring_elements": "0.53873",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75175",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75086",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75123",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7513",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7512",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75159",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75162",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00864",
                            "scoring_system": "epss",
                            "scoring_elements": "0.75166",
                            "published_at": "2026-04-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6069"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6069",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6069"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109376",
                    "reference_id": "1109376",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109376"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118430",
                    "reference_id": "1118430",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118430"
                },
                {
                    "reference_url": "https://github.com/python/cpython/issues/135462",
                    "reference_id": "135462",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/issues/135462"
                },
                {
                    "reference_url": "https://github.com/python/cpython/pull/135464",
                    "reference_id": "135464",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/pull/135464"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234",
                    "reference_id": "2373234",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
                    "reference_id": "4455cbabf991e202185a25a631af206f60bbc949",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
                    "reference_id": "6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49",
                    "reference_id": "8d1b3dfa09135affbbf27fb8babcf3c11415df49",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5",
                    "reference_id": "ab0893fd5c579d9cea30841680e6d35fc478afb5",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
                    "reference_id": "d851f8e258c7328814943e923a7df81bca15df4b",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc",
                    "reference_id": "f3c6f882cddc8dc30320d2e73edf019e201394fc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15",
                    "reference_id": "fdc9d214c01cb4588f540cfa03726bbf2a33fc15",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15"
                },
                {
                    "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/",
                    "reference_id": "K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/"
                        }
                    ],
                    "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23342",
                    "reference_id": "RHSA-2025:23342",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23342"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530",
                    "reference_id": "RHSA-2025:23530",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23530"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414",
                    "reference_id": "RHSA-2026:0414",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0414"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0685",
                    "reference_id": "RHSA-2026:0685",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0685"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652",
                    "reference_id": "RHSA-2026:1652",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1652"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1858",
                    "reference_id": "RHSA-2026:1858",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1858"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7710-1/",
                    "reference_id": "USN-7710-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7710-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2025-6069"
            ],
            "risk_score": 1.9,
            "exploitability": "0.5",
            "weighted_severity": "3.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-emaw-jmek-9bcy"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66621?format=api",
            "vulnerability_id": "VCID-fcsb-dn49-47gy",
            "summary": "python: Quadratic complexity in os.path.expandvars() with user-controlled template",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6075.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.0",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6075.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6075",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05701",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05661",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0576",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05734",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05694",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08477",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08574",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08553",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08536",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08429",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08414",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08587",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08541",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00031",
                            "scoring_system": "epss",
                            "scoring_elements": "0.08938",
                            "published_at": "2026-04-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6075"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6075",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6075"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126777",
                    "reference_id": "1126777",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126777"
                },
                {
                    "reference_url": "https://github.com/python/cpython/issues/136065",
                    "reference_id": "136065",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/issues/136065"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891",
                    "reference_id": "2408891",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c",
                    "reference_id": "2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427",
                    "reference_id": "5dceb93486176e6b4a6d9754491005113eb23427",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84",
                    "reference_id": "631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca",
                    "reference_id": "892747b4cf0f95ba8beb51c0d0658bfaa381ebca",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742",
                    "reference_id": "9ab89c026aa9611c4b0b67c288b8303a480fe742",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba",
                    "reference_id": "c8a5f3435c342964e0a432cc9fb448b7dbecd1ba",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c",
                    "reference_id": "f029e8db626ddc6e3a3beea4eff511a71aaceb5c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c"
                },
                {
                    "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/",
                    "reference_id": "IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "1.8",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/"
                        }
                    ],
                    "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23342",
                    "reference_id": "RHSA-2025:23342",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23342"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530",
                    "reference_id": "RHSA-2025:23530",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23530"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414",
                    "reference_id": "RHSA-2026:0414",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0414"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0685",
                    "reference_id": "RHSA-2026:0685",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0685"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950",
                    "reference_id": "RHSA-2026:10950",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:10950"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652",
                    "reference_id": "RHSA-2026:1652",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1652"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443",
                    "reference_id": "RHSA-2026:7443",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7443"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661",
                    "reference_id": "RHSA-2026:7661",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7661"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822",
                    "reference_id": "RHSA-2026:8822",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:8822"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824",
                    "reference_id": "RHSA-2026:8824",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:8824"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7886-1/",
                    "reference_id": "USN-7886-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7886-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7886-2/",
                    "reference_id": "USN-7886-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7886-2/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2025-6075"
            ],
            "risk_score": 1.8,
            "exploitability": "0.5",
            "weighted_severity": "3.6",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fcsb-dn49-47gy"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66934?format=api",
            "vulnerability_id": "VCID-znkr-fxtj-4uc7",
            "summary": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8291.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8291.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8291",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.30092",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29659",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29722",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29835",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.2991",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29956",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29977",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29961",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3001",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.30055",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.30049",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.30015",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3014",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00114",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29954",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32003",
                            "published_at": "2026-05-05T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8291"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8291",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8291"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118431",
                    "reference_id": "1118431",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118431"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118432",
                    "reference_id": "1118432",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118432"
                },
                {
                    "reference_url": "https://github.com/python/cpython/issues/139700",
                    "reference_id": "139700",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/issues/139700"
                },
                {
                    "reference_url": "https://github.com/python/cpython/pull/139702",
                    "reference_id": "139702",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/pull/139702"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
                    "reference_id": "162997bb70e067668c039700141770687bc8f267",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46",
                    "reference_id": "1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342",
                    "reference_id": "2402342",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
                    "reference_id": "333d4a6f4967d3ace91492a39ededbcf3faa76a6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196",
                    "reference_id": "76437ac248ad8ca44e9bf697b02b1e2241df2196",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4",
                    "reference_id": "8392b2f0d35678407d9ce7d95655a5b77de161b4",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388",
                    "reference_id": "bca11ae7d575d87ed93f5dd6a313be6246e3e388",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388"
                },
                {
                    "reference_url": "https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3",
                    "reference_id": "d11e69d6203080e3ec450446bfed0516727b85c3",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3"
                },
                {
                    "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
                    "reference_id": "QECOPWMTH4VPPJAXAH2BGTA4XADOP62G",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/"
                        }
                    ],
                    "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23323",
                    "reference_id": "RHSA-2025:23323",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23323"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23342",
                    "reference_id": "RHSA-2025:23342",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23342"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530",
                    "reference_id": "RHSA-2025:23530",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23530"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2025:23940",
                    "reference_id": "RHSA-2025:23940",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2025:23940"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0123",
                    "reference_id": "RHSA-2026:0123",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0123"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0353",
                    "reference_id": "RHSA-2026:0353",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0353"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0354",
                    "reference_id": "RHSA-2026:0354",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0354"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0355",
                    "reference_id": "RHSA-2026:0355",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0355"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414",
                    "reference_id": "RHSA-2026:0414",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0414"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:0685",
                    "reference_id": "RHSA-2026:0685",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:0685"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652",
                    "reference_id": "RHSA-2026:1652",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1652"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:1858",
                    "reference_id": "RHSA-2026:1858",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:1858"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443",
                    "reference_id": "RHSA-2026:7443",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7443"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661",
                    "reference_id": "RHSA-2026:7661",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:7661"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822",
                    "reference_id": "RHSA-2026:8822",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:8822"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824",
                    "reference_id": "RHSA-2026:8824",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:8824"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7886-1/",
                    "reference_id": "USN-7886-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7886-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7886-2/",
                    "reference_id": "USN-7886-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7886-2/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2025-8291"
            ],
            "risk_score": 1.9,
            "exploitability": "0.5",
            "weighted_severity": "3.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znkr-fxtj-4uc7"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "3.0",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.9@3.9.25-2%3Farch=el9_7"
}

Package Instance