Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie

Type deb

Namespace debian

Name qemu

Version 1:7.1+dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:7.1+dfsg-2

Latest_non_vulnerable_version 1:11.0.0+ds-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-f2fx-sqtp-8yhe

vulnerability_id VCID-f2fx-sqtp-8yhe

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0216

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06028
published_at	2026-04-01T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06061
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0609
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06073
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06114
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06152
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06144
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0614
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06132
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06093
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06104
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06254
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06273
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.063
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06311
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06328
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0216

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590
reference_id	1014590
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2036953
reference_id	2036953
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2036953

reference_url	https://security.gentoo.org/glsa/202408-18
reference_id	GLSA-202408-18
reference_type
scores
url	https://security.gentoo.org/glsa/202408-18

reference_url	https://usn.ubuntu.com/5772-1/
reference_id	USN-5772-1
reference_type
scores
url	https://usn.ubuntu.com/5772-1/

fixed_packages

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.1%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2022-0216

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2fx-sqtp-8yhe

url VCID-ne4d-zj65-qkgx

vulnerability_id VCID-ne4d-zj65-qkgx

summary QEMU: fdc: heap buffer overflow in DMA read data transfers

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3507

reference_id

reference_type

scores

value	0.00029
scoring_system	epss
scoring_elements	0.08241
published_at	2026-04-01T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08296
published_at	2026-04-02T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08349
published_at	2026-04-04T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08293
published_at	2026-04-07T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08356
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08373
published_at	2026-04-21T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08365
published_at	2026-04-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08345
published_at	2026-04-12T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08328
published_at	2026-04-13T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08225
published_at	2026-04-16T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08212
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08343
published_at	2026-04-24T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08306
published_at	2026-04-26T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08272
published_at	2026-04-29T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08242
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1951118
reference_id	1951118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1951118

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410
reference_id	987410
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410

reference_url	https://access.redhat.com/errata/RHSA-2022:7472
reference_id	RHSA-2022:7472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7472

reference_url	https://access.redhat.com/errata/RHSA-2022:7967
reference_id	RHSA-2022:7967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7967

reference_url	https://usn.ubuntu.com/5489-1/
reference_id	USN-5489-1
reference_type
scores
url	https://usn.ubuntu.com/5489-1/

fixed_packages

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.1%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2021-3507

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ne4d-zj65-qkgx

url VCID-pxjg-chmx-nkdc

vulnerability_id VCID-pxjg-chmx-nkdc

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-35414

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.52967
published_at	2026-05-05T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53002
published_at	2026-04-02T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53026
published_at	2026-04-04T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.52993
published_at	2026-04-07T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53044
published_at	2026-04-08T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53037
published_at	2026-04-09T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53086
published_at	2026-04-11T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53071
published_at	2026-04-12T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53055
published_at	2026-04-13T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53092
published_at	2026-04-16T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53099
published_at	2026-04-18T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53082
published_at	2026-04-21T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53048
published_at	2026-04-24T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53057
published_at	2026-04-26T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53017
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-35414

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958
reference_id	1014958
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2124911
reference_id	2124911
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2124911

reference_url	https://security.gentoo.org/glsa/202408-18
reference_id	GLSA-202408-18
reference_type
scores
url	https://security.gentoo.org/glsa/202408-18

fixed_packages

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.1%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2022-35414

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pxjg-chmx-nkdc

url VCID-rz5x-q1ne-53he

vulnerability_id VCID-rz5x-q1ne-53he

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json

reference_id

reference_type

scores

value	3.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14394

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06818
published_at	2026-04-01T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06901
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06951
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06935
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06989
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.0702
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07025
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07014
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07007
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06946
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.0693
published_at	2026-04-18T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07064
published_at	2026-04-21T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07048
published_at	2026-04-24T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07052
published_at	2026-04-26T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07013
published_at	2026-04-29T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07032
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14394

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1908004
reference_id	1908004
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1908004

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677
reference_id	979677
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677

reference_url	https://security.gentoo.org/glsa/202408-18
reference_id	GLSA-202408-18
reference_type
scores
url	https://security.gentoo.org/glsa/202408-18

reference_url	https://usn.ubuntu.com/6567-1/
reference_id	USN-6567-1
reference_type
scores
url	https://usn.ubuntu.com/6567-1/

fixed_packages

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/qemu@1:7.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.1%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-b6b6-s7cj-sygh

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2020-14394

risk_score 1.4

exploitability 0.5

weighted_severity 2.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5x-q1ne-53he

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.1%252Bdfsg-1%3Fdistro=trixie

Package Instance