{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","type":"deb","namespace":"debian","name":"python3.9","version":"0","qualifiers":{"distro":"bullseye"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.9.0~b5-1","latest_non_vulnerable_version":"3.9.2-1+deb11u6","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31515?format=json","vulnerability_id":"VCID-1hw3-vhwb-nkcd","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12718","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.7201","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71924","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71959","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71926","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71893","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71904","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71854","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71811","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71859","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71842","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/127987","reference_id":"127987","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/issues/127987"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370013","reference_id":"2370013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370013"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2024-12718"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31516?format=json","vulnerability_id":"VCID-4afh-28ss-mudf","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4138","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50718","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5064","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50608","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50654","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50624","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50571","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50655","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50736","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50756","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5075","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50725","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50748","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50699","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50693","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50685","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372426","reference_id":"2372426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372426"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4138"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81078?format=json","vulnerability_id":"VCID-4pej-k4vs-j3d2","summary":"python: sys.path allowing code to be loaded from arbitrary locations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15801","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69871","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69976","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69987","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69969","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70028","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70003","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70045","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70076","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70072","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.7012","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860242","reference_id":"1860242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860242"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2020-15801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pej-k4vs-j3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31521?format=json","vulnerability_id":"VCID-757r-fs6p-qqdd","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4517","reference_id":"","reference_type":"","scores":[{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53606","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53622","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53625","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61005","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60895","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60876","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60918","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60907","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60898","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6091","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60853","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60901","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6096","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60922","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.60948","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370016","reference_id":"2370016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370016"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4517"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31517?format=json","vulnerability_id":"VCID-8zdt-4q7m-t7ht","summary":"Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4330","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.7732","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77274","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77257","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77268","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77248","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.7708","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77149","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77122","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77112","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77219","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77214","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77199","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77192","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77158","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77166","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77164","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77123","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370014","reference_id":"2370014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370014"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f","reference_id":"52398e33eff261329a0180ac1d54f42f","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://security.gentoo.org/glsa/202506-07","reference_id":"GLSA-202506-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-07"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4330"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78165?format=json","vulnerability_id":"VCID-dv5v-71b5-budp","summary":"python: use after free in heappushpop() of heapq module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42375","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42344","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42393","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42407","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42382","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42311","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42239","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42156","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42012","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42087","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42103","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42018","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42046","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42118","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755","reference_id":"2249755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0114","reference_id":"RHSA-2024:0114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0430","reference_id":"RHSA-2024:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0586","reference_id":"RHSA-2024:0586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2987","reference_id":"RHSA-2024:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2987"},{"reference_url":"https://usn.ubuntu.com/6394-1/","reference_id":"USN-6394-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-1/"},{"reference_url":"https://usn.ubuntu.com/6394-2/","reference_id":"USN-6394-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2022-48560"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv5v-71b5-budp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355029?format=json","vulnerability_id":"VCID-ftys-9k1s-mqd9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3087","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14056","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15628","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18952","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19015","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19051","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18869","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3087"},{"reference_url":"https://github.com/python/cpython/issues/146581","reference_id":"146581","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://github.com/python/cpython/issues/146581"},{"reference_url":"https://github.com/python/cpython/pull/146591","reference_id":"146591","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://github.com/python/cpython/pull/146591"},{"reference_url":"https://github.com/python/cpython/commit/ab5ef98af693bded74a738570e81ea70abef2840","reference_id":"ab5ef98af693bded74a738570e81ea70abef2840","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://github.com/python/cpython/commit/ab5ef98af693bded74a738570e81ea70abef2840"},{"reference_url":"https://github.com/python/cpython/commit/b01e594fbe754a960212f908d047294e880b52fd","reference_id":"b01e594fbe754a960212f908d047294e880b52fd","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://github.com/python/cpython/commit/b01e594fbe754a960212f908d047294e880b52fd"},{"reference_url":"https://github.com/python/cpython/commit/fc829e88753858c8ac669594bf0093f44948c0f4","reference_id":"fc829e88753858c8ac669594bf0093f44948c0f4","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://github.com/python/cpython/commit/fc829e88753858c8ac669594bf0093f44948c0f4"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/X6FXE5C6KDKOVNX3EC3DWD5RUPFWOZA4/","reference_id":"X6FXE5C6KDKOVNX3EC3DWD5RUPFWOZA4","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:38:08Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/X6FXE5C6KDKOVNX3EC3DWD5RUPFWOZA4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2026-3087"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ftys-9k1s-mqd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78172?format=json","vulnerability_id":"VCID-gxvd-xhmx-2uh9","summary":"python: sensitive information can be obtained via the _asyncio._swap_current_task component.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38898","reference_id":"","reference_type":"","scores":[{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59724","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59669","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59654","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59555","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59607","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.5962","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59639","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59622","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59635","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59626","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59603","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.5961","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38898"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/105987","reference_id":"105987","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T20:56:48Z/"}],"url":"https://github.com/python/cpython/issues/105987"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233280","reference_id":"2233280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233280"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2023-38898"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxvd-xhmx-2uh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353906?format=json","vulnerability_id":"VCID-hmcw-zcsy-9qcf","summary":"The method \"sock_recvfrom_into()\" of \"asyncio.ProacterEventLoop\" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3298","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15623","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15624","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20383","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20365","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20399","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20313","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20239","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2034","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20469","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3298"},{"reference_url":"https://github.com/python/cpython/commit/1274766d3c29007ab77245a72abbf8dce2a9db4d","reference_id":"1274766d3c29007ab77245a72abbf8dce2a9db4d","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://github.com/python/cpython/commit/1274766d3c29007ab77245a72abbf8dce2a9db4d"},{"reference_url":"https://github.com/python/cpython/issues/148808","reference_id":"148808","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://github.com/python/cpython/issues/148808"},{"reference_url":"https://github.com/python/cpython/pull/148809","reference_id":"148809","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://github.com/python/cpython/pull/148809"},{"reference_url":"https://github.com/python/cpython/commit/27522b7d6e6588f03e61099dd858cd5a9314e2f2","reference_id":"27522b7d6e6588f03e61099dd858cd5a9314e2f2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://github.com/python/cpython/commit/27522b7d6e6588f03e61099dd858cd5a9314e2f2"},{"reference_url":"https://github.com/python/cpython/commit/95633d2aad4721e25e4dfd9f43dfb6e1edcbd741","reference_id":"95633d2aad4721e25e4dfd9f43dfb6e1edcbd741","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://github.com/python/cpython/commit/95633d2aad4721e25e4dfd9f43dfb6e1edcbd741"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/KWTPIQBOOOUNQP7UFSLBI437NJDFLA3F/","reference_id":"KWTPIQBOOOUNQP7UFSLBI437NJDFLA3F","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-21T19:15:36Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/KWTPIQBOOOUNQP7UFSLBI437NJDFLA3F/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2026-3298"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmcw-zcsy-9qcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73711?format=json","vulnerability_id":"VCID-hssa-umby-eud3","summary":"python: local privilege escalation via search path in Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26488","reference_id":"","reference_type":"","scores":[{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.80302","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.8021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.80232","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.80243","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01354","scoring_system":"epss","scoring_elements":"0.80259","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.8175","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81744","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81743","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81763","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.81715","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01669","scoring_system":"epss","scoring_elements":"0.82055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.8237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82374","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316527","reference_id":"2316527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316527"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2022-26488"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hssa-umby-eud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42642?format=json","vulnerability_id":"VCID-hz5k-rky7-nucg","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41105","reference_id":"","reference_type":"","scores":[{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56268","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56123","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56172","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56235","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56184","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56208","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58339","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58345","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58342","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58385","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58409","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58388","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58401","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58406","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58383","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/pull/107981","reference_id":"107981","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107981"},{"reference_url":"https://github.com/python/cpython/pull/107982","reference_id":"107982","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107982"},{"reference_url":"https://github.com/python/cpython/pull/107983","reference_id":"107983","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://github.com/python/cpython/pull/107983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235795","reference_id":"2235795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235795"},{"reference_url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/","reference_id":"D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0015/","reference_id":"ntap-20231006-0015","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0015/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6494","reference_id":"RHSA-2023:6494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7024","reference_id":"RHSA-2023:7024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7024"},{"reference_url":"https://usn.ubuntu.com/6547-1/","reference_id":"USN-6547-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6547-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2023-41105"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hz5k-rky7-nucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69467?format=json","vulnerability_id":"VCID-q6g1-cjz3-77e4","summary":"cpython: Tarfile extracts filtered members when errorlevel=0","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4435","reference_id":"","reference_type":"","scores":[{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67834","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67777","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67751","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67782","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67745","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67702","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67663","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67696","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67711","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67688","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67723","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67692","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67712","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00541","scoring_system":"epss","scoring_elements":"0.67699","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4435"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/135034","reference_id":"135034","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/issues/135034"},{"reference_url":"https://github.com/python/cpython/pull/135037","reference_id":"135037","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/pull/135037"},{"reference_url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da","reference_id":"19de092debb3d7e832e5672cc2f7b788d35951da","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370010","reference_id":"2370010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370010"},{"reference_url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9","reference_id":"28463dba112af719df1e8b0391c46787ad756dd9","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9"},{"reference_url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a","reference_id":"3612d8f51741b11f36f8fb0494d79086bac9390a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"},{"reference_url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_id":"4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e"},{"reference_url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a","reference_id":"9c1110ef6652687d7c55f590f909720eddde965a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a"},{"reference_url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_id":"9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"},{"reference_url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_id":"aa9eb5f757ceff461e6e996f12c89e5d9b583b01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01"},{"reference_url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_id":"dd8f187d0746da151e0025c51680979ac5b4cfb1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/","reference_id":"MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10026","reference_id":"RHSA-2025:10026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10028","reference_id":"RHSA-2025:10028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10031","reference_id":"RHSA-2025:10031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10128","reference_id":"RHSA-2025:10128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10136","reference_id":"RHSA-2025:10136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10140","reference_id":"RHSA-2025:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10148","reference_id":"RHSA-2025:10148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10189","reference_id":"RHSA-2025:10189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10399","reference_id":"RHSA-2025:10399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10484","reference_id":"RHSA-2025:10484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10602","reference_id":"RHSA-2025:10602","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23530","reference_id":"RHSA-2025:23530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9918","reference_id":"RHSA-2025:9918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9918"},{"reference_url":"https://usn.ubuntu.com/7583-1/","reference_id":"USN-7583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2025-4435"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71849?format=json","vulnerability_id":"VCID-s5yq-pjhc-fbcm","summary":"python: Default mimetype known files writeable on Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3220.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3220.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3220","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44493","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44559","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44563","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44483","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4436","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44437","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44454","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4439","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44423","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52301","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52305","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52287","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52294","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52263","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52202","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52194","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52248","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52243","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3220"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345794","reference_id":"2345794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345794"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/","reference_id":"CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T16:46:00Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2024-3220"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s5yq-pjhc-fbcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42638?format=json","vulnerability_id":"VCID-s7qf-hjkq-wkdy","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6507","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24093","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24209","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2405","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24039","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23888","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2397","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24038","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23985","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24005","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24382","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24166","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24232","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24293","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24193","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27973","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6507"},{"reference_url":"https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b","reference_id":"10e9bb13b8dcaa414645b9bd10718d8f7179e82b","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b"},{"reference_url":"https://github.com/python/cpython/issues/112334","reference_id":"112334","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/issues/112334"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293948","reference_id":"2293948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293948"},{"reference_url":"https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06","reference_id":"85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06"},{"reference_url":"https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610","reference_id":"9fe7655c6ce0b8e9adc229daf681b6d30e6b1610","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/","reference_id":"AUL7QFHBLILGISS7U63B47AYSSGJJQZD","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2023-6507"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7qf-hjkq-wkdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/223883?format=json","vulnerability_id":"VCID-sbe1-cx8r-aba1","summary":"On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4030","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06916","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07193","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07165","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07152","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0677","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0717","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07082","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06846","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0685","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06844","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06838","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0678","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06772","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06895","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06923","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.069","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/118486","reference_id":"118486","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/issues/118486"},{"reference_url":"https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a","reference_id":"35c799d79177b962ddace2fa068101465570a29a","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a"},{"reference_url":"https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd","reference_id":"5130731c9e779b97d00a24f54cdce73ce9975dfd","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd"},{"reference_url":"https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee","reference_id":"66f8bb76a15e64a1bb7688b177ed29e26230fdee","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee"},{"reference_url":"https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e","reference_id":"6d0850c4c8188035643586ab4d8ec2468abd699e","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e"},{"reference_url":"https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e","reference_id":"81939dad77001556c527485d31a2d0f4a759033e","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e"},{"reference_url":"https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d","reference_id":"8ed546679524140d8282175411fd141fe7df070d","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d"},{"reference_url":"https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee","reference_id":"91e3669e01245185569d09e9e6e11641282971ee","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee"},{"reference_url":"https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca","reference_id":"94591dca510c796c7d40e9b4167ea56f2fdf28ca","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca"},{"reference_url":"https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d","reference_id":"c8f868dc52f98011d0f9b459b6487920bfb0ac4d","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d"},{"reference_url":"https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84","reference_id":"d86b49411753bf2c83291e3a14ae43fefded2f84","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84"},{"reference_url":"https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763","reference_id":"e1dfa978b1ad210d551385ad8073ec6154f53763","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763"},{"reference_url":"https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46","reference_id":"eb29e2f5905da93333d1ce78bc98b151e763ff46","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240705-0005/","reference_id":"ntap-20240705-0005","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240705-0005/"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/","reference_id":"PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2024-4030"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbe1-cx8r-aba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72620?format=json","vulnerability_id":"VCID-uvcx-satp-m3db","summary":"python: Unbounded memory buffering in SelectorSocketTransport.writelines()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12254.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12254.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12254","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48186","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48182","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48132","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4818","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48204","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48177","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4824","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48235","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48183","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4813","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48049","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48114","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48137","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48083","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48112","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49005","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48996","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12254"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089235","reference_id":"1089235","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089235"},{"reference_url":"https://github.com/python/cpython/issues/127655","reference_id":"127655","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://github.com/python/cpython/issues/127655"},{"reference_url":"https://github.com/python/cpython/pull/127656","reference_id":"127656","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://github.com/python/cpython/pull/127656"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330804","reference_id":"2330804","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330804"},{"reference_url":"https://github.com/python/cpython/commit/71e8429ac8e2adc10084ab5ec29a62f4b6671a82","reference_id":"71e8429ac8e2adc10084ab5ec29a62f4b6671a82","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://github.com/python/cpython/commit/71e8429ac8e2adc10084ab5ec29a62f4b6671a82"},{"reference_url":"https://github.com/python/cpython/commit/9aa0deb2eef2655a1029ba228527b152353135b5","reference_id":"9aa0deb2eef2655a1029ba228527b152353135b5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://github.com/python/cpython/commit/9aa0deb2eef2655a1029ba228527b152353135b5"},{"reference_url":"https://github.com/python/cpython/commit/e991ac8f2037d78140e417cc9a9486223eb3e786","reference_id":"e991ac8f2037d78140e417cc9a9486223eb3e786","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://github.com/python/cpython/commit/e991ac8f2037d78140e417cc9a9486223eb3e786"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/H4O3UBAOAQQXGT4RE3E4XQYR5XLROORB/","reference_id":"H4O3UBAOAQQXGT4RE3E4XQYR5XLROORB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T15:35:11Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/H4O3UBAOAQQXGT4RE3E4XQYR5XLROORB/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10978","reference_id":"RHSA-2024:10978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10980","reference_id":"RHSA-2024:10980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11035","reference_id":"RHSA-2024:11035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11035"},{"reference_url":"https://usn.ubuntu.com/7219-1/","reference_id":"USN-7219-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7219-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2024-12254"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvcx-satp-m3db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/294729?format=json","vulnerability_id":"VCID-v6ry-7xxz-nbeu","summary":"CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33595","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20077","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25541","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25313","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25381","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25426","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25396","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25349","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25341","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2531","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25272","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25218","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25162","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25222","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25168","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25245","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-33595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2023-33595"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ry-7xxz-nbeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265016?format=json","vulnerability_id":"VCID-ymg5-42xm-7fh9","summary":"The\n “socket” module provides a pure-Python fallback to the \nsocket.socketpair() function for platforms that don’t support AF_UNIX, \nsuch as Windows. This pure-Python implementation uses AF_INET or \nAF_INET6 to create a local connected pair of sockets. The connection \nbetween the two sockets was not verified before passing the two sockets \nback to the user, which leaves the server socket vulnerable to a \nconnection race from a malicious local peer.\n\nPlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3219","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19393","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19175","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19036","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19072","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.18973","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1901","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19066","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19165","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19156","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19298","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19293","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19162","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19444","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20","reference_id":"06fa244666ec6335a3b9bf2367e31b42b9a89b20","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20"},{"reference_url":"https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2","reference_id":"0b65c8bf5367625673eafb92f85046a1b31259f2","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2"},{"reference_url":"https://github.com/python/cpython/issues/122133","reference_id":"122133","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/issues/122133"},{"reference_url":"https://github.com/python/cpython/pull/122134","reference_id":"122134","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/pull/122134"},{"reference_url":"https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c","reference_id":"220e31adeaaa8436c9ff234cba1398bc49e2bb6c","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c"},{"reference_url":"https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508","reference_id":"2621a8a40ba4b2c68ca564671b7daa5da80a4508","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/29/3","reference_id":"3","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/29/3"},{"reference_url":"https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d","reference_id":"31302f5fc24eecd693f0c8aaba7c2840b09b594d","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d"},{"reference_url":"https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d","reference_id":"3f5d9d12c74787fbf3f5891835c85cc15526c86d","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d"},{"reference_url":"https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39","reference_id":"5df322e91a40909e6904bbdbc0c3a6b6a9eead39","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39"},{"reference_url":"https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929","reference_id":"5f90abaa786f994db3907fc31e2ee00ea2cf0929","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929"},{"reference_url":"https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5","reference_id":"78df1043dbdce5c989600616f9f87b4ee72944e5","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5"},{"reference_url":"https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54","reference_id":"b252317956b7fc035bb3774ef6a177e227f9fc54","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54"},{"reference_url":"https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c","reference_id":"c21a36112a0028d7ac3cf8f480e0dc88dba5922c","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c"},{"reference_url":"https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde","reference_id":"c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde"},{"reference_url":"https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a","reference_id":"e319f774f9e766a2b92949444a2d46081df3363a","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a"},{"reference_url":"https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660","reference_id":"f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/","reference_id":"WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936985?format=json","purl":"pkg:deb/debian/python3.9@0?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/936982?format=json","purl":"pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye"}],"aliases":["CVE-2024-3219"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymg5-42xm-7fh9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye"}