Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/926092?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "jython", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.5.3-17", "latest_non_vulnerable_version": "2.7.2+repack1-5", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31515?format=api", "vulnerability_id": "VCID-1hw3-vhwb-nkcd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.7201", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71952", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71924", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71959", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71926", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71893", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71903", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71904", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.719", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71854", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71811", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71842", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/127987", "reference_id": "127987", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/127987" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013", "reference_id": "2370013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-12718" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31516?format=api", "vulnerability_id": "VCID-4afh-28ss-mudf", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50718", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5064", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50608", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50654", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50624", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50571", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50736", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50756", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5075", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50748", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50699", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50648", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50685", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426", "reference_id": "2372426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4138" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31521?format=api", "vulnerability_id": "VCID-757r-fs6p-qqdd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53606", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53671", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61005", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60907", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60898", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6091", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60903", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60853", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60901", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6096", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60922", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60948", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016", "reference_id": "2370016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4517" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31517?format=api", "vulnerability_id": "VCID-8zdt-4q7m-t7ht", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.7732", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77274", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77257", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77268", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77248", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.7708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77149", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77219", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77214", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77199", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77192", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77166", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77123", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014", "reference_id": "2370014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4330" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64945?format=api", "vulnerability_id": "VCID-bn83-d2qp-9bfy", "summary": "cpython: Missing character filtering in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11742", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11759", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11597", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11718", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11676", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11637", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11561", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11482", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11618", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1167", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11641", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11683", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "reference_id": "003b8315669b9f08b1010a49071f73f15f818094", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786", "reference_id": "1126786", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787", "reference_id": "1126787", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788", "reference_id": "1126788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788" }, { "reference_url": "https://github.com/python/cpython/issues/143935", "reference_id": "143935", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/issues/143935" }, { "reference_url": "https://github.com/python/cpython/pull/143936", "reference_id": "143936", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/pull/143936" }, { "reference_url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_id": "17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375", "reference_id": "2431375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375" }, { "reference_url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_id": "61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6" }, { "reference_url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_id": "a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66" }, { "reference_url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_id": "e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0" }, { "reference_url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "reference_id": "f738386838021c762efea6c9802c82de65e87796", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "reference_id": "FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-11468" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69467?format=api", "vulnerability_id": "VCID-q6g1-cjz3-77e4", "summary": "cpython: Tarfile extracts filtered members when errorlevel=0", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67834", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67777", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67751", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67782", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67745", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67702", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67663", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67711", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67688", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67723", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67692", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67699", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010", "reference_id": "2370010", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4435" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/352122?format=api", "vulnerability_id": "VCID-zxzn-25zt-ukct", "summary": "Mitgation of CVE-2026-4519 was incomplete. If the URL contained \"%action\" the mitigation could be bypassed for certain browser types the \"webbrowser.open()\" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0299", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02998", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0555", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05542", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05465", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0542", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05427", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05347", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05554", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05551", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/148169", "reference_id": "148169", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/issues/148169" }, { "reference_url": "https://github.com/python/cpython/pull/148170", "reference_id": "148170", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/pull/148170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049", "reference_id": "2458049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049" }, { "reference_url": "https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53", "reference_id": "28b4ad38067bbdad34edfcd03ad2de5f06387e53", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53" }, { "reference_url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_id": "c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca" }, { "reference_url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff", "reference_id": "d22922c8a7958353689dc4763dd72da2dea03fff", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff" }, { "reference_url": "https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4", "reference_id": "d6d68494be70bdbda20f89f83801ba52ec37daa4", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4" }, { "reference_url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769", "reference_id": "f4654824ae0850ac87227fb270f9057477946769", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/", "reference_id": "JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10117", "reference_id": "RHSA-2026:10117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10711", "reference_id": "RHSA-2026:10711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10745", "reference_id": "RHSA-2026:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10774", "reference_id": "RHSA-2026:10774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10949", "reference_id": "RHSA-2026:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11062", "reference_id": "RHSA-2026:11062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11077", "reference_id": "RHSA-2026:11077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11768", "reference_id": "RHSA-2026:11768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13692", "reference_id": "RHSA-2026:13692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13812", "reference_id": "RHSA-2026:13812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14652", "reference_id": "RHSA-2026:14652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14653", "reference_id": "RHSA-2026:14653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14656", "reference_id": "RHSA-2026:14656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16699", "reference_id": "RHSA-2026:16699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17525", "reference_id": "RHSA-2026:17525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9228", "reference_id": "RHSA-2026:9228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9228" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/926092?format=api", "purl": "pkg:deb/debian/jython@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926089?format=api", "purl": "pkg:deb/debian/jython@2.7.2%2Brepack1-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-v84j-ugn9-w3c8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.2%252Brepack1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/926087?format=api", "purl": "pkg:deb/debian/jython@2.7.3%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@2.7.3%252Brepack1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4786" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxzn-25zt-ukct" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jython@0%3Fdistro=trixie" }