{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","type":"deb","namespace":"debian","name":"python2.7","version":"0","qualifiers":{"distro":"bullseye"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.7-1","latest_non_vulnerable_version":"2.7.18-8+deb11u1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31515?format=json","vulnerability_id":"VCID-1hw3-vhwb-nkcd","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12718","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71893","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71904","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71854","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71859","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71811","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/127987","reference_id":"127987","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/issues/127987"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370013","reference_id":"2370013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370013"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-12718"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64367?format=json","vulnerability_id":"VCID-1pr1-jkqa-43g6","summary":"cpython: CPython: Logging Bypass in Legacy .pyc File Handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2297.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2297","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04534","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04549","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04539","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04525","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04509","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04481","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04627","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04703","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04728","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04723","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2297"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/145506","reference_id":"145506","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/issues/145506"},{"reference_url":"https://github.com/python/cpython/pull/145507","reference_id":"145507","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/pull/145507"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444691","reference_id":"2444691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444691"},{"reference_url":"https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e","reference_id":"482d6f8bdba9da3725d272e8bb4a2d25fb6a603e","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e"},{"reference_url":"https://github.com/python/cpython/commit/69ddd9bb2cc4bd69b1565647c18659c6a789ccd9","reference_id":"69ddd9bb2cc4bd69b1565647c18659c6a789ccd9","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/commit/69ddd9bb2cc4bd69b1565647c18659c6a789ccd9"},{"reference_url":"https://github.com/python/cpython/commit/876858c9f65d9ab656c7fa639f268ce7856d89dd","reference_id":"876858c9f65d9ab656c7fa639f268ce7856d89dd","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/commit/876858c9f65d9ab656c7fa639f268ce7856d89dd"},{"reference_url":"https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e","reference_id":"a51b1b512de1d56b3714b65628a2eae2b07e535e","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e"},{"reference_url":"https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86","reference_id":"e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/"}],"url":"https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10950","reference_id":"RHSA-2026:10950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7443","reference_id":"RHSA-2026:7443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7661","reference_id":"RHSA-2026:7661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8822","reference_id":"RHSA-2026:8822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8824","reference_id":"RHSA-2026:8824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2026-2297"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pr1-jkqa-43g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87804?format=json","vulnerability_id":"VCID-22da-bqwg-2fdf","summary":"python: rgbimg: multiple security issues","references":[{"reference_url":"http://bugs.python.org/issue8678","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue8678"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1450.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1450","reference_id":"","reference_type":"","scores":[{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86224","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.8614","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86152","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86166","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86164","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.8616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86177","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86173","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86204","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02822","scoring_system":"epss","scoring_elements":"0.86205","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1450"},{"reference_url":"http://secunia.com/advisories/42888","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42888"},{"reference_url":"http://secunia.com/advisories/43068","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43068"},{"reference_url":"http://secunia.com/advisories/43364","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43364"},{"reference_url":"http://support.apple.com/kb/HT4435","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4435"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html"},{"reference_url":"http://www.securityfocus.com/bid/40365","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40365"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0122","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0122"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0212","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0212"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0413","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0413"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698","reference_id":"541698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1450","reference_id":"CVE-2010-1450","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0027","reference_id":"RHSA-2011:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0260","reference_id":"RHSA-2011:0260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0260"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2010-1450"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22da-bqwg-2fdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36443?format=json","vulnerability_id":"VCID-2j3t-a3r6-vfg7","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which might allow attackers to access sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3426","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23519","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23894","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23548","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23669","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23709","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2387","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23859","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2394","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24042","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23827","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935913","reference_id":"1935913","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935913"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/","reference_id":"25HVHLBGO2KNPXJ3G426QEYSSCECJDU5","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/"},{"reference_url":"https://security.archlinux.org/AVG-1675","reference_id":"AVG-1675","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1675"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/","reference_id":"BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/","reference_id":"DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/"},{"reference_url":"https://security.gentoo.org/glsa/202104-04","reference_id":"GLSA-202104-04","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://security.gentoo.org/glsa/202104-04"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/","reference_id":"LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","reference_id":"msg00039.html","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/","reference_id":"N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210629-0003/","reference_id":"ntap-20210629-0003","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210629-0003/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/","reference_id":"QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4160","reference_id":"RHSA-2021:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4162","reference_id":"RHSA-2021:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4399","reference_id":"RHSA-2021:4399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4399"},{"reference_url":"https://usn.ubuntu.com/5342-1/","reference_id":"USN-5342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5342-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5342-3/","reference_id":"USN-USN-5342-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5342-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/","reference_id":"VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2021-3426"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j3t-a3r6-vfg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75343?format=json","vulnerability_id":"VCID-2v5u-2z4w-ffgx","summary":"python: incorrect IPv4 and IPv6 private ranges","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4032","reference_id":"","reference_type":"","scores":[{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78384","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78371","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78355","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78316","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.7832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78322","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78292","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78297","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78243","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78274","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78256","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78282","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78288","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/113171","reference_id":"113171","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/issues/113171"},{"reference_url":"https://github.com/python/cpython/pull/113179","reference_id":"113179","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/pull/113179"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292921","reference_id":"2292921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2292921"},{"reference_url":"https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8","reference_id":"22adf29da8d99933ffed8647d3e0726edd16f7f8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/17/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/17/3"},{"reference_url":"https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f","reference_id":"40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f"},{"reference_url":"https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3","reference_id":"895f7e2ac23eff4743143beef0f0c5ac71ea27d3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3"},{"reference_url":"https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb","reference_id":"ba431579efdcbaed7a96f2ac4ea0775879a332fb","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb"},{"reference_url":"https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906","reference_id":"c62c9e518b784fe44432a3f4fc265fb95b651906","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906"},{"reference_url":"https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3","reference_id":"f86b17ac511e68192ba71f27e752321a3252cee3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3"},{"reference_url":"https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml","reference_id":"iana-ipv4-special-registry.xhtml","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml"},{"reference_url":"https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml","reference_id":"iana-ipv6-special-registry.xhtml","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/","reference_id":"NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240726-0004/","reference_id":"ntap-20240726-0004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240726-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4766","reference_id":"RHSA-2024:4766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4779","reference_id":"RHSA-2024:4779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5962","reference_id":"RHSA-2024:5962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6030","reference_id":"RHSA-2024:6030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6961","reference_id":"RHSA-2024:6961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6962","reference_id":"RHSA-2024:6962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6975","reference_id":"RHSA-2024:6975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7417","reference_id":"RHSA-2024:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9190","reference_id":"RHSA-2024:9190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9190"},{"reference_url":"https://usn.ubuntu.com/6928-1/","reference_id":"USN-6928-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6928-1/"},{"reference_url":"https://usn.ubuntu.com/6941-1/","reference_id":"USN-6941-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6941-1/"},{"reference_url":"https://usn.ubuntu.com/7348-1/","reference_id":"USN-7348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7348-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-4032"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2v5u-2z4w-ffgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83126?format=json","vulnerability_id":"VCID-34fd-g6ss-t3fj","summary":"python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20406.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20406.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20406","reference_id":"","reference_type":"","scores":[{"value":"0.01561","scoring_system":"epss","scoring_elements":"0.81575","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83613","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83739","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83755","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83626","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.8364","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83642","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83689","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83683","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83679","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83714","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02005","scoring_system":"epss","scoring_elements":"0.83715","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20406"},{"reference_url":"https://bugs.python.org/issue34656","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue34656"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190416-0010/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190416-0010/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664509","reference_id":"1664509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664509"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20406","reference_id":"CVE-2018-20406","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2018-20406"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-34fd-g6ss-t3fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31516?format=json","vulnerability_id":"VCID-4afh-28ss-mudf","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4138","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50571","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50699","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50655","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50748","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50725","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5075","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50756","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50736","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50685","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50693","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372426","reference_id":"2372426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372426"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4138"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81078?format=json","vulnerability_id":"VCID-4pej-k4vs-j3d2","summary":"python: sys.path allowing code to be loaded from arbitrary locations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15801","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69871","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69976","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69969","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70028","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70003","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860242","reference_id":"1860242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860242"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2020-15801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pej-k4vs-j3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31521?format=json","vulnerability_id":"VCID-757r-fs6p-qqdd","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4517","reference_id":"","reference_type":"","scores":[{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53606","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53625","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60898","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60853","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60907","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60918","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60876","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60895","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6091","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370016","reference_id":"2370016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370016"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4517"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42639?format=json","vulnerability_id":"VCID-7ka5-7jrn-dber","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6597","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23141","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22719","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22818","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22974","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23121","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23048","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23185","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22823","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22828","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22994","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23033","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23041","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23028","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a","reference_id":"02a9259c717738dfe6b463c44d7e17f2b6d2cb3a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135","reference_id":"1070135","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2276518","reference_id":"2276518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2276518"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/20/5","reference_id":"5","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/20/5"},{"reference_url":"https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25","reference_id":"5585334d772b253a01a6730e8202ffb1607c3d25","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25"},{"reference_url":"https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5","reference_id":"6ceb8aeda504b079fef7a57b8d81472f15cdd9a5","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5"},{"reference_url":"https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d","reference_id":"81c16cd94ec38d61aa478b9a452436dc3b1b524d","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d"},{"reference_url":"https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82","reference_id":"8eaeefe49d179ca4908d052745e3bb8b6f238f82","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82"},{"reference_url":"https://github.com/python/cpython/issues/91133","reference_id":"91133","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/issues/91133"},{"reference_url":"https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b","reference_id":"d54e22a669ae6e987199bb5d2c69bb5a46b0083b","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/","reference_id":"Q5C6ATFC67K53XFV4KE45325S7NS62LD","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3347","reference_id":"RHSA-2024:3347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3391","reference_id":"RHSA-2024:3391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3466","reference_id":"RHSA-2024:3466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4058","reference_id":"RHSA-2024:4058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4077","reference_id":"RHSA-2024:4077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4078","reference_id":"RHSA-2024:4078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4166","reference_id":"RHSA-2024:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4370","reference_id":"RHSA-2024:4370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4406","reference_id":"RHSA-2024:4406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4456","reference_id":"RHSA-2024:4456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4896","reference_id":"RHSA-2024:4896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5535","reference_id":"RHSA-2024:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5689","reference_id":"RHSA-2024:5689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0364","reference_id":"RHSA-2025:0364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0646","reference_id":"RHSA-2025:0646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0650","reference_id":"RHSA-2025:0650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0832","reference_id":"RHSA-2025:0832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1116","reference_id":"RHSA-2025:1116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1120","reference_id":"RHSA-2025:1120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2705","reference_id":"RHSA-2025:2705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2705"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/","reference_id":"T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/","reference_id":"U5VHWS52HGD743C47UMCSAK2A773M2YE","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2023-6597"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ka5-7jrn-dber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78164?format=json","vulnerability_id":"VCID-7nj2-94zp-d3bp","summary":"python: DoS when processing malformed Apple Property List files in binary format","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48564.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48564.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48564","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2725","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27044","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27159","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27165","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27121","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.26955","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2689","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27064","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27072","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27046","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27008","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.26962","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.2841","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48564"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249750","reference_id":"2249750","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0114","reference_id":"RHSA-2024:0114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0430","reference_id":"RHSA-2024:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0586","reference_id":"RHSA-2024:0586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0586"},{"reference_url":"https://usn.ubuntu.com/6513-1/","reference_id":"USN-6513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6513-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2022-48564"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nj2-94zp-d3bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50410?format=json","vulnerability_id":"VCID-7q8s-6emv-ykhx","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7338.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7338.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7338","reference_id":"","reference_type":"","scores":[{"value":"0.05918","scoring_system":"epss","scoring_elements":"0.90566","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05918","scoring_system":"epss","scoring_elements":"0.90571","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05918","scoring_system":"epss","scoring_elements":"0.90581","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05918","scoring_system":"epss","scoring_elements":"0.9059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91959","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91965","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91967","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91963","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91983","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.9198","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91976","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91981","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91979","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0778","scoring_system":"epss","scoring_elements":"0.91989","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7338"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1078014","reference_id":"1078014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1078014"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2013-7338"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q8s-6emv-ykhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31517?format=json","vulnerability_id":"VCID-8zdt-4q7m-t7ht","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4330","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77219","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77214","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77199","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77192","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77158","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.7708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77112","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77166","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77164","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77122","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370014","reference_id":"2370014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370014"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4330"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64939?format=json","vulnerability_id":"VCID-94n7-6q4s-3udv","summary":"cpython: Header injection via newlines in data URL mediatype in Python","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15282","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13544","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13624","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13561","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13472","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13543","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13555","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13527","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13418","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0","reference_id":"05356b1cc153108aaf27f3b72ce438af4aa218c0","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779","reference_id":"1126779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780","reference_id":"1126780","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781","reference_id":"1126781","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781"},{"reference_url":"https://github.com/python/cpython/issues/143925","reference_id":"143925","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/issues/143925"},{"reference_url":"https://github.com/python/cpython/pull/143926","reference_id":"143926","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/pull/143926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431366","reference_id":"2431366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431366"},{"reference_url":"https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38","reference_id":"34d76b00dabde81a793bd06dd8ecb057838c4b38","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38"},{"reference_url":"https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80","reference_id":"3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80"},{"reference_url":"https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47","reference_id":"4ed11d3cd288e6b90196a15c5a825a45d318fe47","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47"},{"reference_url":"https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a","reference_id":"a35ca3be5842505dab74dc0b90b89cde0405017a","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a"},{"reference_url":"https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f","reference_id":"f25509e78e8be6ea73c811ac2b8c928c28841b9f","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10950","reference_id":"RHSA-2026:10950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7443","reference_id":"RHSA-2026:7443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7661","reference_id":"RHSA-2026:7661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8822","reference_id":"RHSA-2026:8822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8824","reference_id":"RHSA-2026:8824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8824"},{"reference_url":"https://usn.ubuntu.com/8018-1/","reference_id":"USN-8018-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8018-1/"},{"reference_url":"https://usn.ubuntu.com/8018-3/","reference_id":"USN-8018-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8018-3/"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/","reference_id":"X66HL7SISGJT33J53OHXMZT4DFLMHVKF","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-15282"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94n7-6q4s-3udv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38942?format=json","vulnerability_id":"VCID-a8mv-mr3q-vygz","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42919","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09956","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09902","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0998","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10002","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11523","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1157","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11444","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1134","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11412","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11482","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138705","reference_id":"2138705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138705"},{"reference_url":"https://github.com/python/cpython/issues/97514","reference_id":"97514","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/issues/97514"},{"reference_url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840","reference_id":"97514#issuecomment-1310277840","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/","reference_id":"FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0006/","reference_id":"ntap-20221209-0006","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/","reference_id":"P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/","reference_id":"PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/","reference_id":"QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/","reference_id":"R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/","reference_id":"RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8492","reference_id":"RHSA-2022:8492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8493","reference_id":"RHSA-2022:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8493"},{"reference_url":"https://usn.ubuntu.com/5713-1/","reference_id":"USN-5713-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5713-1/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9","reference_id":"v3.10.8...v3.10.9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9"},{"reference_url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16","reference_id":"v3.9.15...v3.9.16","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/","reference_id":"VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/","reference_id":"XX6LLAXGZVZ327REY6MDZRMMP47LJ53P","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2022-42919"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8mv-mr3q-vygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64945?format=json","vulnerability_id":"VCID-bn83-d2qp-9bfy","summary":"cpython: Missing character filtering in Python","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11468","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11863","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11734","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11797","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11759","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11733","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11597","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11595","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11718","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11676","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11637","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11561","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094","reference_id":"003b8315669b9f08b1010a49071f73f15f818094","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786","reference_id":"1126786","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787","reference_id":"1126787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788","reference_id":"1126788","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788"},{"reference_url":"https://github.com/python/cpython/issues/143935","reference_id":"143935","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/issues/143935"},{"reference_url":"https://github.com/python/cpython/pull/143936","reference_id":"143936","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/pull/143936"},{"reference_url":"https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2","reference_id":"17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431375","reference_id":"2431375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431375"},{"reference_url":"https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6","reference_id":"61614a5e5056e4f61ced65008d4576f3df34acb6","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6"},{"reference_url":"https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66","reference_id":"a76e4cd62dd68e7cbe86e37e6ed988495a646b66","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66"},{"reference_url":"https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0","reference_id":"e9970f077240c7c670e8a6fc6662f2b30d3b6ad0","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0"},{"reference_url":"https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796","reference_id":"f738386838021c762efea6c9802c82de65e87796","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/","reference_id":"FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7443","reference_id":"RHSA-2026:7443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7661","reference_id":"RHSA-2026:7661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8822","reference_id":"RHSA-2026:8822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8824","reference_id":"RHSA-2026:8824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8824"},{"reference_url":"https://usn.ubuntu.com/8018-1/","reference_id":"USN-8018-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8018-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-11468"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31513?format=json","vulnerability_id":"VCID-dnv8-yrd6-c7cv","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8088","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45644","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.4575","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45809","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45924","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.4593","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45876","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45869","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45877","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45825","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45853","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.459","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1","reference_id":"0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1"},{"reference_url":"https://github.com/python/cpython/issues/122905","reference_id":"122905","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/issues/122905"},{"reference_url":"https://github.com/python/cpython/pull/122906","reference_id":"122906","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/pull/122906"},{"reference_url":"https://github.com/python/cpython/issues/123270","reference_id":"123270","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/issues/123270"},{"reference_url":"https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6","reference_id":"2231286d78d328c2f575e0b05b16fe447d1656d6","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307370","reference_id":"2307370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307370"},{"reference_url":"https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e","reference_id":"795f2597a4be988e2bb19b69ff9958e981cb894e","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e"},{"reference_url":"https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814","reference_id":"7bc367e464ce50b956dd232c1dfa1cad4e7fb814","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814"},{"reference_url":"https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4","reference_id":"7e8883a3f04d308302361aeffc73e0e9837f19d4","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4"},{"reference_url":"https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64","reference_id":"8c7348939d8a3ecd79d630075f6be1b0c5b41f64","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64"},{"reference_url":"https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a","reference_id":"95b073bddefa6243effa08e131e297c0383e7f6a","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a"},{"reference_url":"https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7","reference_id":"962055268ed4f2ca1d717bfc8b6385de50a23ab7","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7"},{"reference_url":"https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932","reference_id":"9cd03263100ddb1657826cc4a71470786cab3932","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932"},{"reference_url":"https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea","reference_id":"dcc5182f27c1500006a1ef78e10613bb45788dea","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea"},{"reference_url":"https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db","reference_id":"e0264a61119d551658d9445af38323ba94fc16db","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db"},{"reference_url":"https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798","reference_id":"fc0b8259e693caa8400fa8b6ac1e494e47ea7798","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/","reference_id":"GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5962","reference_id":"RHSA-2024:5962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6163","reference_id":"RHSA-2024:6163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6961","reference_id":"RHSA-2024:6961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6962","reference_id":"RHSA-2024:6962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9190","reference_id":"RHSA-2024:9190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9192","reference_id":"RHSA-2024:9192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9371","reference_id":"RHSA-2024:9371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9371"},{"reference_url":"https://usn.ubuntu.com/7015-1/","reference_id":"USN-7015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7015-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-8088"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnv8-yrd6-c7cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50773?format=json","vulnerability_id":"VCID-efdj-sb7s-p3fk","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14422","reference_id":"","reference_type":"","scores":[{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.71994","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78633","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.7864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78671","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78651","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78677","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.7869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78711","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78709","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78705","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78733","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78741","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01172","scoring_system":"epss","scoring_elements":"0.78758","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854926","reference_id":"1854926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854926"},{"reference_url":"https://security.gentoo.org/glsa/202008-01","reference_id":"GLSA-202008-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4299","reference_id":"RHSA-2020:4299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4641","reference_id":"RHSA-2020:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5010","reference_id":"RHSA-2020:5010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5010"},{"reference_url":"https://usn.ubuntu.com/4428-1/","reference_id":"USN-4428-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4428-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2020-14422"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efdj-sb7s-p3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81661?format=json","vulnerability_id":"VCID-emku-csrd-4bg5","summary":"python: unsafe dll loading in getpathp.c on Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8315.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8315","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49634","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55296","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55278","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55328","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55329","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5534","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55319","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.553","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55337","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55341","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5532","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55257","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55277","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5525","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55173","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8315"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855039","reference_id":"1855039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855039"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2020-8315"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emku-csrd-4bg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50412?format=json","vulnerability_id":"VCID-enav-dz7a-pqdq","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"http://bugs.python.org/issue21082","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue21082"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2667.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2667","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18829","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18844","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18733","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18712","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18668","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18903","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18957","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18916","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18817","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22387","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22185","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2667"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/03/28/15","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/03/28/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/03/29/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/03/29/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/03/30/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/03/30/4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082177","reference_id":"1082177","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082177"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2667","reference_id":"CVE-2014-2667","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2667"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2014-2667"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enav-dz7a-pqdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30515?format=json","vulnerability_id":"VCID-ewbq-2gm8-tyf5","summary":"Buffer overflow in sponge queue functions\n### Impact\n\nThe Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.\n\n### Patches\n\nYes, see commit [fdc6fef0](https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a).\n\n### Workarounds\n\nThe problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.\n\n### References\n\nSee [issue #105](https://github.com/XKCP/XKCP/issues/105) for more details.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37454","reference_id":"","reference_type":"","scores":[{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79943","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.7996","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.7994","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79931","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01329","scoring_system":"epss","scoring_elements":"0.79915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80499","published_at":"2026-04-29T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80482","published_at":"2026-04-26T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80475","published_at":"2026-04-24T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80446","published_at":"2026-04-18T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80444","published_at":"2026-04-16T12:55:00Z"},{"value":"0.014","scoring_system":"epss","scoring_elements":"0.80515","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37454"},{"reference_url":"https://csrc.nist.gov/projects/hash-functions/sha-3-project","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://csrc.nist.gov/projects/hash-functions/sha-3-project"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454"},{"reference_url":"https://eprint.iacr.org/2023/331","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://eprint.iacr.org/2023/331"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312"},{"reference_url":"https://github.com/johanns/sha3/issues/17","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/johanns/sha3/issues/17"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml"},{"reference_url":"https://github.com/tiran/pysha3/issues/29","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tiran/pysha3/issues/29"},{"reference_url":"https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a"},{"reference_url":"https://github.com/XKCP/XKCP/issues/105","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/XKCP/XKCP/issues/105"},{"reference_url":"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"},{"reference_url":"https://mouha.be/sha-3-buffer-overflow","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mouha.be/sha-3-buffer-overflow"},{"reference_url":"https://mouha.be/sha-3-buffer-overflow/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://mouha.be/sha-3-buffer-overflow/"},{"reference_url":"https://news.ycombinator.com/item?id=33281106","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://news.ycombinator.com/item?id=33281106"},{"reference_url":"https://news.ycombinator.com/item?id=35050307","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://news.ycombinator.com/item?id=35050307"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37454","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37454"},{"reference_url":"https://security.gentoo.org/glsa/202305-02","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://security.gentoo.org/glsa/202305-02"},{"reference_url":"https://www.debian.org/security/2022/dsa-5267","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://www.debian.org/security/2022/dsa-5267"},{"reference_url":"https://www.debian.org/security/2022/dsa-5269","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/"}],"url":"https://www.debian.org/security/2022/dsa-5269"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030","reference_id":"1023030","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140200","reference_id":"2140200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140200"},{"reference_url":"https://github.com/advisories/GHSA-6w4m-2xhg-2658","reference_id":"GHSA-6w4m-2xhg-2658","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6w4m-2xhg-2658"},{"reference_url":"https://security.gentoo.org/glsa/202211-03","reference_id":"GLSA-202211-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202211-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0848","reference_id":"RHSA-2023:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0965","reference_id":"RHSA-2023:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2417","reference_id":"RHSA-2023:2417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2903","reference_id":"RHSA-2023:2903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2903"},{"reference_url":"https://usn.ubuntu.com/5717-1/","reference_id":"USN-5717-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5717-1/"},{"reference_url":"https://usn.ubuntu.com/5767-1/","reference_id":"USN-5767-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-1/"},{"reference_url":"https://usn.ubuntu.com/5767-3/","reference_id":"USN-5767-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5767-3/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/5930-1/","reference_id":"USN-5930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5930-1/"},{"reference_url":"https://usn.ubuntu.com/5931-1/","reference_id":"USN-5931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5931-1/"},{"reference_url":"https://usn.ubuntu.com/6524-1/","reference_id":"USN-6524-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6524-1/"},{"reference_url":"https://usn.ubuntu.com/6525-1/","reference_id":"USN-6525-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6525-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2022-37454","GHSA-6w4m-2xhg-2658"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewbq-2gm8-tyf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78172?format=json","vulnerability_id":"VCID-gxvd-xhmx-2uh9","summary":"python: sensitive information can be obtained via the _asyncio._swap_current_task component.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38898","reference_id":"","reference_type":"","scores":[{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59603","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59555","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59607","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.5962","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59639","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59622","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59635","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59596","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38898"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/105987","reference_id":"105987","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T20:56:48Z/"}],"url":"https://github.com/python/cpython/issues/105987"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233280","reference_id":"2233280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233280"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2023-38898"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxvd-xhmx-2uh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73711?format=json","vulnerability_id":"VCID-hssa-umby-eud3","summary":"python: local privilege escalation via search path in Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26488","reference_id":"","reference_type":"","scores":[{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.8021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81715","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81743","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81763","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.8175","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81744","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01669","scoring_system":"epss","scoring_elements":"0.82055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.8237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82374","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316527","reference_id":"2316527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316527"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2022-26488"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hssa-umby-eud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42642?format=json","vulnerability_id":"VCID-hz5k-rky7-nucg","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41105","reference_id":"","reference_type":"","scores":[{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56123","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58339","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58401","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58406","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58383","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58345","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58342","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58385","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58409","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58388","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/pull/107981","reference_id":"107981","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107981"},{"reference_url":"https://github.com/python/cpython/pull/107982","reference_id":"107982","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107982"},{"reference_url":"https://github.com/python/cpython/pull/107983","reference_id":"107983","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235795","reference_id":"2235795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235795"},{"reference_url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/","reference_id":"D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0015/","reference_id":"ntap-20231006-0015","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0015/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6494","reference_id":"RHSA-2023:6494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7024","reference_id":"RHSA-2023:7024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7024"},{"reference_url":"https://usn.ubuntu.com/6547-1/","reference_id":"USN-6547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6547-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2023-41105"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hz5k-rky7-nucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218347?format=json","vulnerability_id":"VCID-n5bc-vs4j-nfdp","summary":"In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15523","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24437","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30149","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30185","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30188","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30192","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30094","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30109","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30043","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29974","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29858","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29791","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30144","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2020-15523"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5bc-vs4j-nfdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87802?format=json","vulnerability_id":"VCID-nvmn-jbw1-47cq","summary":"python: rgbimg: multiple security issues","references":[{"reference_url":"http://bugs.python.org/issue8678","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue8678"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4134","reference_id":"","reference_type":"","scores":[{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85719","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85572","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85584","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85601","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85638","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85649","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85668","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85673","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.8569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02612","scoring_system":"epss","scoring_elements":"0.85703","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4134"},{"reference_url":"http://secunia.com/advisories/42888","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42888"},{"reference_url":"http://secunia.com/advisories/43068","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43068"},{"reference_url":"http://secunia.com/advisories/43364","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43364"},{"reference_url":"http://support.apple.com/kb/HT4435","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4435"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html"},{"reference_url":"http://www.securityfocus.com/bid/40361","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40361"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0122","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0122"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0212","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0212"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0413","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0413"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698","reference_id":"541698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4134","reference_id":"CVE-2009-4134","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0027","reference_id":"RHSA-2011:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0260","reference_id":"RHSA-2011:0260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0260"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2009-4134"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvmn-jbw1-47cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69467?format=json","vulnerability_id":"VCID-q6g1-cjz3-77e4","summary":"cpython: Tarfile extracts filtered members when errorlevel=0","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4435","reference_id":"","reference_type":"","scores":[{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67702","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67688","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67711","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67696","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67663","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67699","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67712","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67692","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67723","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67725","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4435"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370010","reference_id":"2370010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370010"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4435"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87803?format=json","vulnerability_id":"VCID-rnkj-2dgz-kuah","summary":"python: rgbimg: multiple security issues","references":[{"reference_url":"http://bugs.python.org/issue8678","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue8678"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1449.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1449.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1449","reference_id":"","reference_type":"","scores":[{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88114","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.8801","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.8802","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.8804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88059","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88065","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88069","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88083","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.8808","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88098","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03785","scoring_system":"epss","scoring_elements":"0.88102","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1449"},{"reference_url":"http://secunia.com/advisories/42888","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42888"},{"reference_url":"http://secunia.com/advisories/43068","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43068"},{"reference_url":"http://secunia.com/advisories/43364","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43364"},{"reference_url":"http://support.apple.com/kb/HT4435","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4435"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0027.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0260.html"},{"reference_url":"http://www.securityfocus.com/bid/40363","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40363"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0122","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0122"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0212","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0212"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0413","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0413"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698","reference_id":"541698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541698"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1449","reference_id":"CVE-2010-1449","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0027","reference_id":"RHSA-2011:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0260","reference_id":"RHSA-2011:0260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0260"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2010-1449"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnkj-2dgz-kuah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175412?format=json","vulnerability_id":"VCID-s2wz-ghk2-kkg3","summary":"Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000117","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1562","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21376","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2143","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21262","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21324","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21334","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2122","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21233","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21242","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21088","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2109","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21065","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2124","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000117"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2018-1000117"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s2wz-ghk2-kkg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42638?format=json","vulnerability_id":"VCID-s7qf-hjkq-wkdy","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6507","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23888","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24293","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24193","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24209","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2405","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24382","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24166","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27973","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6507"},{"reference_url":"https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b","reference_id":"10e9bb13b8dcaa414645b9bd10718d8f7179e82b","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b"},{"reference_url":"https://github.com/python/cpython/issues/112334","reference_id":"112334","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/issues/112334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293948","reference_id":"2293948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293948"},{"reference_url":"https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06","reference_id":"85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06"},{"reference_url":"https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610","reference_id":"9fe7655c6ce0b8e9adc229daf681b6d30e6b1610","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/","reference_id":"AUL7QFHBLILGISS7U63B47AYSSGJJQZD","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2023-6507"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7qf-hjkq-wkdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/223883?format=json","vulnerability_id":"VCID-sbe1-cx8r-aba1","summary":"On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4030","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0678","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06895","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06923","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06916","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06772","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0677","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06846","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0685","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06844","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06838","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/118486","reference_id":"118486","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/issues/118486"},{"reference_url":"https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a","reference_id":"35c799d79177b962ddace2fa068101465570a29a","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a"},{"reference_url":"https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd","reference_id":"5130731c9e779b97d00a24f54cdce73ce9975dfd","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd"},{"reference_url":"https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee","reference_id":"66f8bb76a15e64a1bb7688b177ed29e26230fdee","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee"},{"reference_url":"https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e","reference_id":"6d0850c4c8188035643586ab4d8ec2468abd699e","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e"},{"reference_url":"https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e","reference_id":"81939dad77001556c527485d31a2d0f4a759033e","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e"},{"reference_url":"https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d","reference_id":"8ed546679524140d8282175411fd141fe7df070d","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d"},{"reference_url":"https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee","reference_id":"91e3669e01245185569d09e9e6e11641282971ee","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee"},{"reference_url":"https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca","reference_id":"94591dca510c796c7d40e9b4167ea56f2fdf28ca","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca"},{"reference_url":"https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d","reference_id":"c8f868dc52f98011d0f9b459b6487920bfb0ac4d","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d"},{"reference_url":"https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84","reference_id":"d86b49411753bf2c83291e3a14ae43fefded2f84","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84"},{"reference_url":"https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763","reference_id":"e1dfa978b1ad210d551385ad8073ec6154f53763","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763"},{"reference_url":"https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46","reference_id":"eb29e2f5905da93333d1ce78bc98b151e763ff46","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240705-0005/","reference_id":"ntap-20240705-0005","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240705-0005/"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/","reference_id":"PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-4030"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbe1-cx8r-aba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73076?format=json","vulnerability_id":"VCID-tbuw-2msj-tqd9","summary":"python: Virtual environment (venv) activation scripts don't quote paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9287","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19061","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19545","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19591","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19167","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19944","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.1976","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19864","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19866","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19862","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19753","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19915","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19969","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19987","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117","reference_id":"1089117","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117"},{"reference_url":"https://github.com/python/cpython/issues/124651","reference_id":"124651","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/issues/124651"},{"reference_url":"https://github.com/python/cpython/pull/124712","reference_id":"124712","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/pull/124712"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2321440","reference_id":"2321440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2321440"},{"reference_url":"https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7","reference_id":"633555735a023d3e4d92ba31da35b1205f9ecbd7","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7"},{"reference_url":"https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db","reference_id":"8450b2482586857d689b6658f08de9c8179af7db","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db"},{"reference_url":"https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8","reference_id":"9286ab3a107ea41bd3f3c3682ce2512692bdded8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8"},{"reference_url":"https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97","reference_id":"ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97"},{"reference_url":"https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b","reference_id":"d48cc82ed25e26b02eb97c6263d95dcaa1e9111b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b"},{"reference_url":"https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483","reference_id":"e52095a0c1005a87eed2276af7a1f2f66e2b6483","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10779","reference_id":"RHSA-2024:10779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10978","reference_id":"RHSA-2024:10978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10979","reference_id":"RHSA-2024:10979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10980","reference_id":"RHSA-2024:10980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10983","reference_id":"RHSA-2024:10983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11024","reference_id":"RHSA-2024:11024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11035","reference_id":"RHSA-2024:11035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11111","reference_id":"RHSA-2024:11111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0280","reference_id":"RHSA-2025:0280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/","reference_id":"RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/"},{"reference_url":"https://usn.ubuntu.com/7116-1/","reference_id":"USN-7116-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7116-1/"},{"reference_url":"https://usn.ubuntu.com/7348-1/","reference_id":"USN-7348-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7348-1/"},{"reference_url":"https://usn.ubuntu.com/7488-1/","reference_id":"USN-7488-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7488-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-9287"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbuw-2msj-tqd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/294729?format=json","vulnerability_id":"VCID-v6ry-7xxz-nbeu","summary":"CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33595","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20077","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25541","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25313","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25381","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25426","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25396","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25349","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25341","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2531","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25272","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25218","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2023-33595"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ry-7xxz-nbeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265016?format=json","vulnerability_id":"VCID-ymg5-42xm-7fh9","summary":"The\n “socket” module provides a pure-Python fallback to the \nsocket.socketpair() function for platforms that don’t support AF_UNIX, \nsuch as Windows. This pure-Python implementation uses AF_INET or \nAF_INET6 to create a local connected pair of sockets. The connection \nbetween the two sockets was not verified before passing the two sockets \nback to the user, which leaves the server socket vulnerable to a \nconnection race from a malicious local peer.\n\nPlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3219","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1901","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19066","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19165","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19156","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19298","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19293","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19444","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19162","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19393","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19197","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20","reference_id":"06fa244666ec6335a3b9bf2367e31b42b9a89b20","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20"},{"reference_url":"https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2","reference_id":"0b65c8bf5367625673eafb92f85046a1b31259f2","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2"},{"reference_url":"https://github.com/python/cpython/issues/122133","reference_id":"122133","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/issues/122133"},{"reference_url":"https://github.com/python/cpython/pull/122134","reference_id":"122134","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/pull/122134"},{"reference_url":"https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c","reference_id":"220e31adeaaa8436c9ff234cba1398bc49e2bb6c","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c"},{"reference_url":"https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508","reference_id":"2621a8a40ba4b2c68ca564671b7daa5da80a4508","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/29/3","reference_id":"3","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/29/3"},{"reference_url":"https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d","reference_id":"31302f5fc24eecd693f0c8aaba7c2840b09b594d","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d"},{"reference_url":"https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d","reference_id":"3f5d9d12c74787fbf3f5891835c85cc15526c86d","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d"},{"reference_url":"https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39","reference_id":"5df322e91a40909e6904bbdbc0c3a6b6a9eead39","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39"},{"reference_url":"https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929","reference_id":"5f90abaa786f994db3907fc31e2ee00ea2cf0929","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929"},{"reference_url":"https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5","reference_id":"78df1043dbdce5c989600616f9f87b4ee72944e5","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5"},{"reference_url":"https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54","reference_id":"b252317956b7fc035bb3774ef6a177e227f9fc54","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54"},{"reference_url":"https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c","reference_id":"c21a36112a0028d7ac3cf8f480e0dc88dba5922c","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c"},{"reference_url":"https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde","reference_id":"c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde"},{"reference_url":"https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a","reference_id":"e319f774f9e766a2b92949444a2d46081df3363a","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a"},{"reference_url":"https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660","reference_id":"f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/","reference_id":"WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2024-3219"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymg5-42xm-7fh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38889?format=json","vulnerability_id":"VCID-z48d-eyxz-bycq","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29921","reference_id":"","reference_type":"","scores":[{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83951","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83928","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83819","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.8389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83891","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02048","scoring_system":"epss","scoring_elements":"0.83916","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957458","reference_id":"1957458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957458"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195","reference_id":"989195","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195"},{"reference_url":"https://security.archlinux.org/AVG-1913","reference_id":"AVG-1913","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1913"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4160","reference_id":"RHSA-2021:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4162","reference_id":"RHSA-2021:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4162"},{"reference_url":"https://usn.ubuntu.com/4973-1/","reference_id":"USN-4973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4973-1/"},{"reference_url":"https://usn.ubuntu.com/4973-2/","reference_id":"USN-4973-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4973-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2021-29921"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/352122?format=json","vulnerability_id":"VCID-zxzn-25zt-ukct","summary":"Mitgation of CVE-2026-4519 was incomplete. If the URL contained \"%action\" the mitigation could be bypassed for certain browser types the \"webbrowser.open()\" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4786","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05347","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0542","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05427","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05385","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/148169","reference_id":"148169","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/issues/148169"},{"reference_url":"https://github.com/python/cpython/pull/148170","reference_id":"148170","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/pull/148170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458049","reference_id":"2458049","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458049"},{"reference_url":"https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53","reference_id":"28b4ad38067bbdad34edfcd03ad2de5f06387e53","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53"},{"reference_url":"https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca","reference_id":"c5767a72838a8dda9d6dc5d3558075b055c56bca","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca"},{"reference_url":"https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff","reference_id":"d22922c8a7958353689dc4763dd72da2dea03fff","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff"},{"reference_url":"https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4","reference_id":"d6d68494be70bdbda20f89f83801ba52ec37daa4","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4"},{"reference_url":"https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769","reference_id":"f4654824ae0850ac87227fb270f9057477946769","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/","reference_id":"JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10117","reference_id":"RHSA-2026:10117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10140","reference_id":"RHSA-2026:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10141","reference_id":"RHSA-2026:10141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10711","reference_id":"RHSA-2026:10711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10745","reference_id":"RHSA-2026:10745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10774","reference_id":"RHSA-2026:10774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10949","reference_id":"RHSA-2026:10949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10950","reference_id":"RHSA-2026:10950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11062","reference_id":"RHSA-2026:11062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11077","reference_id":"RHSA-2026:11077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11768","reference_id":"RHSA-2026:11768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13692","reference_id":"RHSA-2026:13692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13812","reference_id":"RHSA-2026:13812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8822","reference_id":"RHSA-2026:8822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8824","reference_id":"RHSA-2026:8824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9228","reference_id":"RHSA-2026:9228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9228"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936924?format=json","purl":"pkg:deb/debian/python2.7@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936923?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"}],"aliases":["CVE-2026-4786"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxzn-25zt-ukct"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye"}