Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libonig@6.9.4-1?distro=trixie

Type deb

Namespace debian

Name libonig

Version 6.9.4-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.9.6-1.1

Latest_non_vulnerable_version 6.9.10-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-73xb-21qk-gub3

vulnerability_id VCID-73xb-21qk-gub3

summary oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19246.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19246.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19246

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.54888
published_at	2026-04-01T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54961
published_at	2026-04-29T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-21T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54968
published_at	2026-04-24T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54987
published_at	2026-04-26T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54958
published_at	2026-04-02T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54984
published_at	2026-04-04T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54954
published_at	2026-04-07T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55003
published_at	2026-04-09T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55015
published_at	2026-04-18T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54997
published_at	2026-04-12T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54974
published_at	2026-04-13T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55012
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19246

reference_url	https://bugs.php.net/bug.php?id=78559
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=78559

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b

reference_url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1777537
reference_id	1777537
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1777537

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946344
reference_id	946344
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946344

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19246

reference_id

CVE-2019-19246

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19246

reference_url	https://access.redhat.com/errata/RHSA-2020:3662
reference_id	RHSA-2020:3662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3662

reference_url	https://access.redhat.com/errata/RHSA-2020:5275
reference_id	RHSA-2020:5275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5275

reference_url	https://usn.ubuntu.com/4460-1/
reference_id	USN-4460-1
reference_type
scores
url	https://usn.ubuntu.com/4460-1/

reference_url	https://usn.ubuntu.com/USN-5662-1/
reference_id	USN-USN-5662-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5662-1/

fixed_packages

url	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie

aliases CVE-2019-19246

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73xb-21qk-gub3

url VCID-jurp-5mrx-13ce

vulnerability_id VCID-jurp-5mrx-13ce

summary oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19204.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19204.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19204

reference_id

reference_type

scores

value	0.08946
scoring_system	epss
scoring_elements	0.92556
published_at	2026-04-01T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92607
published_at	2026-04-29T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92605
published_at	2026-04-18T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92609
published_at	2026-04-21T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92611
published_at	2026-04-26T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92561
published_at	2026-04-02T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92568
published_at	2026-04-04T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92571
published_at	2026-04-07T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92582
published_at	2026-04-08T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92587
published_at	2026-04-09T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92592
published_at	2026-04-13T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92593
published_at	2026-04-12T12:55:00Z

value	0.08946
scoring_system	epss
scoring_elements	0.92606
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kkos/oniguruma/issues/162
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/issues/162

reference_url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2

reference_url	https://github.com/ManhNDd/CVE-2019-19204
reference_id
reference_type
scores
url	https://github.com/ManhNDd/CVE-2019-19204

reference_url	https://github.com/tarantula-team/CVE-2019-19204
reference_id
reference_type
scores
url	https://github.com/tarantula-team/CVE-2019-19204

reference_url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1802068
reference_id	1802068
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1802068

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945313
reference_id	945313
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945313

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19204

reference_id

CVE-2019-19204

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19204

reference_url	https://access.redhat.com/errata/RHSA-2020:3662
reference_id	RHSA-2020:3662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3662

reference_url	https://access.redhat.com/errata/RHSA-2020:5275
reference_id	RHSA-2020:5275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5275

reference_url	https://access.redhat.com/errata/RHSA-2024:0409
reference_id	RHSA-2024:0409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0409

reference_url	https://access.redhat.com/errata/RHSA-2024:0572
reference_id	RHSA-2024:0572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0572

reference_url	https://access.redhat.com/errata/RHSA-2024:0889
reference_id	RHSA-2024:0889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0889

reference_url	https://usn.ubuntu.com/4460-1/
reference_id	USN-4460-1
reference_type
scores
url	https://usn.ubuntu.com/4460-1/

reference_url	https://usn.ubuntu.com/USN-5662-1/
reference_id	USN-USN-5662-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5662-1/

fixed_packages

url	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie

aliases CVE-2019-19204

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jurp-5mrx-13ce

url VCID-khf6-r7w8-c7bm

vulnerability_id VCID-khf6-r7w8-c7bm

summary oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19203.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19203.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19203

reference_id

reference_type

scores

value	0.00733
scoring_system	epss
scoring_elements	0.72664
published_at	2026-04-01T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72808
published_at	2026-04-29T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72761
published_at	2026-04-21T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72803
published_at	2026-04-24T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72812
published_at	2026-04-26T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72672
published_at	2026-04-02T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.7269
published_at	2026-04-04T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72668
published_at	2026-04-07T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72707
published_at	2026-04-08T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.7272
published_at	2026-04-09T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72744
published_at	2026-04-11T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72727
published_at	2026-04-12T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72717
published_at	2026-04-13T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.72759
published_at	2026-04-16T12:55:00Z

value	0.00733
scoring_system	epss
scoring_elements	0.7277
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19203

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kkos/oniguruma/issues/163
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/issues/163

reference_url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2

reference_url	https://github.com/ManhNDd/CVE-2019-19203
reference_id
reference_type
scores
url	https://github.com/ManhNDd/CVE-2019-19203

reference_url	https://github.com/tarantula-team/CVE-2019-19203
reference_id
reference_type
scores
url	https://github.com/tarantula-team/CVE-2019-19203

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1802061
reference_id	1802061
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1802061

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945312
reference_id	945312
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945312

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19203

reference_id

CVE-2019-19203

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19203

reference_url	https://access.redhat.com/errata/RHSA-2020:3662
reference_id	RHSA-2020:3662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3662

reference_url	https://access.redhat.com/errata/RHSA-2020:5275
reference_id	RHSA-2020:5275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5275

reference_url	https://access.redhat.com/errata/RHSA-2024:0409
reference_id	RHSA-2024:0409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0409

reference_url	https://access.redhat.com/errata/RHSA-2024:0572
reference_id	RHSA-2024:0572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0572

reference_url	https://access.redhat.com/errata/RHSA-2024:0889
reference_id	RHSA-2024:0889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0889

reference_url	https://usn.ubuntu.com/USN-5662-1/
reference_id	USN-USN-5662-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5662-1/

fixed_packages

url	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie

aliases CVE-2019-19203

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khf6-r7w8-c7bm

url VCID-p5gj-xqc9-yqar

vulnerability_id VCID-p5gj-xqc9-yqar

summary oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16163

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24648
published_at	2026-04-01T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24442
published_at	2026-04-29T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24552
published_at	2026-04-21T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24496
published_at	2026-04-24T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24483
published_at	2026-04-26T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24724
published_at	2026-04-02T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24763
published_at	2026-04-04T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24536
published_at	2026-04-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24607
published_at	2026-04-08T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24655
published_at	2026-04-09T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24671
published_at	2026-04-11T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.2463
published_at	2026-04-12T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24573
published_at	2026-04-13T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24586
published_at	2026-04-16T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24576
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16163

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180

reference_url	https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3

reference_url	https://github.com/kkos/oniguruma/issues/147
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/issues/147

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00010.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00010.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWOWZZNFSAWM3BUTQNAE3PD44A6JU4KE/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWOWZZNFSAWM3BUTQNAE3PD44A6JU4KE/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW47MSFZ6WYOAOFXHBDGU4LYACFRKC2Y/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW47MSFZ6WYOAOFXHBDGU4LYACFRKC2Y/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1768997
reference_id	1768997
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1768997

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988
reference_id	939988
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16163

reference_id

CVE-2019-16163

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16163

reference_url	https://access.redhat.com/errata/RHSA-2020:3662
reference_id	RHSA-2020:3662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3662

reference_url	https://access.redhat.com/errata/RHSA-2024:0409
reference_id	RHSA-2024:0409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0409

reference_url	https://access.redhat.com/errata/RHSA-2024:0572
reference_id	RHSA-2024:0572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0572

reference_url	https://access.redhat.com/errata/RHSA-2024:0889
reference_id	RHSA-2024:0889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0889

reference_url	https://usn.ubuntu.com/4460-1/
reference_id	USN-4460-1
reference_type
scores
url	https://usn.ubuntu.com/4460-1/

reference_url	https://usn.ubuntu.com/USN-5662-1/
reference_id	USN-USN-5662-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5662-1/

fixed_packages

url	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie

aliases CVE-2019-16163

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5gj-xqc9-yqar

url VCID-xzt6-6k5g-byap

vulnerability_id VCID-xzt6-6k5g-byap

summary oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19012.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19012.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19012

reference_id

reference_type

scores

value	0.14783
scoring_system	epss
scoring_elements	0.94467
published_at	2026-04-01T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94524
published_at	2026-04-26T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94525
published_at	2026-04-29T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94526
published_at	2026-04-24T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94474
published_at	2026-04-02T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94481
published_at	2026-04-04T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94483
published_at	2026-04-07T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94493
published_at	2026-04-08T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94497
published_at	2026-04-09T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.945
published_at	2026-04-11T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94502
published_at	2026-04-13T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94516
published_at	2026-04-16T12:55:00Z

value	0.14783
scoring_system	epss
scoring_elements	0.94521
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012

reference_url	https://github.com/kkos/oniguruma/issues/164
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/issues/164

reference_url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url	https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2

reference_url	https://github.com/tarantula-team/CVE-2019-19012
reference_id
reference_type
scores
url	https://github.com/tarantula-team/CVE-2019-19012

reference_url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1802051
reference_id	1802051
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1802051

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944959
reference_id	944959
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944959

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_id	cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-19012

reference_id

CVE-2019-19012

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-19012

reference_url	https://access.redhat.com/errata/RHSA-2024:0409
reference_id	RHSA-2024:0409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0409

reference_url	https://access.redhat.com/errata/RHSA-2024:0572
reference_id	RHSA-2024:0572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0572

reference_url	https://access.redhat.com/errata/RHSA-2024:0889
reference_id	RHSA-2024:0889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0889

reference_url	https://access.redhat.com/errata/RHSA-2025:7539
reference_id	RHSA-2025:7539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7539

reference_url	https://usn.ubuntu.com/4460-1/
reference_id	USN-4460-1
reference_type
scores
url	https://usn.ubuntu.com/4460-1/

reference_url	https://usn.ubuntu.com/USN-5662-1/
reference_id	USN-USN-5662-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5662-1/

fixed_packages

url	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.9-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie

url	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
purl	pkg:deb/debian/libonig@6.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie

aliases CVE-2019-19012

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzt6-6k5g-byap

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie

Package Instance