Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie

Type deb

Namespace debian

Name qemu

Version 1:6.0+dfsg-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:6.1+dfsg-1

Latest_non_vulnerable_version 1:11.0.0+ds-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6qnt-yaa3-p3bb

vulnerability_id VCID-6qnt-yaa3-p3bb

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35506

reference_id

reference_type

scores

value	0.0003
scoring_system	epss
scoring_elements	0.08517
published_at	2026-04-01T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08545
published_at	2026-04-02T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08598
published_at	2026-04-04T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08516
published_at	2026-04-07T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08589
published_at	2026-04-08T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08612
published_at	2026-04-09T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08609
published_at	2026-04-11T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08588
published_at	2026-04-12T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08575
published_at	2026-04-13T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08464
published_at	2026-04-16T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08451
published_at	2026-04-18T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08601
published_at	2026-04-21T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08614
published_at	2026-04-24T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08567
published_at	2026-04-26T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.0857
published_at	2026-04-29T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08509
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1909996
reference_id	1909996
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1909996

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454
reference_id	984454
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454

reference_url	https://security.gentoo.org/glsa/202208-27
reference_id	GLSA-202208-27
reference_type
scores
url	https://security.gentoo.org/glsa/202208-27

fixed_packages

url	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2020-35506

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qnt-yaa3-p3bb

url VCID-eb18-wa2w-q7bn

vulnerability_id VCID-eb18-wa2w-q7bn

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json

reference_id

reference_type

scores

value	8.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3682

reference_id

reference_type

scores

value	0.00418
scoring_system	epss
scoring_elements	0.61708
published_at	2026-04-01T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61782
published_at	2026-04-07T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61813
published_at	2026-04-04T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61831
published_at	2026-04-08T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61847
published_at	2026-04-09T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61868
published_at	2026-04-11T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61857
published_at	2026-04-12T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61882
published_at	2026-04-26T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61875
published_at	2026-04-29T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61837
published_at	2026-04-13T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.6188
published_at	2026-04-16T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61885
published_at	2026-04-18T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61869
published_at	2026-04-21T12:55:00Z

value	0.00418
scoring_system	epss
scoring_elements	0.61864
published_at	2026-04-24T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63839
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1989651
reference_id	1989651
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1989651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911
reference_id	991911
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911

reference_url	https://security.gentoo.org/glsa/202208-27
reference_id	GLSA-202208-27
reference_type
scores
url	https://security.gentoo.org/glsa/202208-27

reference_url	https://access.redhat.com/errata/RHSA-2021:3703
reference_id	RHSA-2021:3703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3703

reference_url	https://access.redhat.com/errata/RHSA-2021:3704
reference_id	RHSA-2021:3704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3704

reference_url	https://usn.ubuntu.com/5307-1/
reference_id	USN-5307-1
reference_type
scores
url	https://usn.ubuntu.com/5307-1/

reference_url	https://usn.ubuntu.com/5772-1/
reference_id	USN-5772-1
reference_type
scores
url	https://usn.ubuntu.com/5772-1/

fixed_packages

url	pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3kyg-9mf3-kfft

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-6qnt-yaa3-p3bb

vulnerability	VCID-cenj-mz55-jbg6

vulnerability	VCID-d2ve-dnmj-4bbz

vulnerability	VCID-ej5p-r4az-6ud2

vulnerability	VCID-ewb7-nrtu-g7ex

vulnerability	VCID-gc6n-kgsc-f3b6

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-mtj9-1cns-yybw

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-p2dz-mtns-5bb4

vulnerability	VCID-ptty-88p4-ybe9

vulnerability	VCID-pxjg-chmx-nkdc

vulnerability	VCID-qh2s-apkz-sbaz

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-t5gq-4bhn-gkej

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-w7gc-1eh2-3ufu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2021-3682

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eb18-wa2w-q7bn

url VCID-gc6n-kgsc-f3b6

vulnerability_id VCID-gc6n-kgsc-f3b6

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json

reference_id

reference_type

scores

value	3.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35505

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.30052
published_at	2026-05-05T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30388
published_at	2026-04-24T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30273
published_at	2026-04-26T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30194
published_at	2026-04-29T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30772
published_at	2026-04-04T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30586
published_at	2026-04-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30645
published_at	2026-04-08T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30678
published_at	2026-04-09T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30683
published_at	2026-04-11T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30638
published_at	2026-04-12T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30592
published_at	2026-04-13T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30618
published_at	2026-04-16T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30601
published_at	2026-04-18T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30566
published_at	2026-04-21T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31525
published_at	2026-04-02T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31388
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35505

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1909769
reference_id	1909769
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1909769

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455
reference_id	984455
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455

reference_url	https://security.gentoo.org/glsa/202208-27
reference_id	GLSA-202208-27
reference_type
scores
url	https://security.gentoo.org/glsa/202208-27

reference_url	https://usn.ubuntu.com/5010-1/
reference_id	USN-5010-1
reference_type
scores
url	https://usn.ubuntu.com/5010-1/

fixed_packages

url	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2020-35505

risk_score 1.4

exploitability 0.5

weighted_severity 2.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6n-kgsc-f3b6

url VCID-mtj9-1cns-yybw

vulnerability_id VCID-mtj9-1cns-yybw

summary QEMU: MMIO ops null pointer dereference may lead to DoS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15469

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12214
published_at	2026-04-01T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1233
published_at	2026-04-02T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12377
published_at	2026-04-04T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12178
published_at	2026-04-07T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12258
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12308
published_at	2026-04-09T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12316
published_at	2026-04-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1228
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12243
published_at	2026-04-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12132
published_at	2026-04-16T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12134
published_at	2026-04-18T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12244
published_at	2026-04-21T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12224
published_at	2026-04-24T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12189
published_at	2026-04-26T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12078
published_at	2026-04-29T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.11992
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15469

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1853154
reference_id	1853154
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1853154

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253
reference_id	970253
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253

reference_url	https://usn.ubuntu.com/5010-1/
reference_id	USN-5010-1
reference_type
scores
url	https://usn.ubuntu.com/5010-1/

fixed_packages

url	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2020-15469

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtj9-1cns-yybw

url VCID-qh2s-apkz-sbaz

vulnerability_id VCID-qh2s-apkz-sbaz

summary Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json

reference_id

reference_type

scores

value	3.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35504

reference_id

reference_type

scores

value	0.00096
scoring_system	epss
scoring_elements	0.26634
published_at	2026-04-02T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26588
published_at	2026-04-01T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31438
published_at	2026-04-08T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31469
published_at	2026-04-09T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31473
published_at	2026-04-11T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.3143
published_at	2026-04-12T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31394
published_at	2026-04-13T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31427
published_at	2026-04-16T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31407
published_at	2026-04-18T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31379
published_at	2026-04-21T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31209
published_at	2026-04-24T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31085
published_at	2026-04-26T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31006
published_at	2026-04-29T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.30854
published_at	2026-05-05T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31568
published_at	2026-04-04T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31385
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35504

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1909766
reference_id	1909766
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1909766

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679
reference_id	979679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679

reference_url	https://security.gentoo.org/glsa/202208-27
reference_id	GLSA-202208-27
reference_type
scores
url	https://security.gentoo.org/glsa/202208-27

reference_url	https://usn.ubuntu.com/5010-1/
reference_id	USN-5010-1
reference_type
scores
url	https://usn.ubuntu.com/5010-1/

fixed_packages

url	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/qemu@1:6.0%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

url pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

purl pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-hkf8-96k7-kuc9

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-t58m-9jqp-43c9

vulnerability	VCID-uzxc-npak-yyc4

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-n71j-fz74-kyhf

vulnerability	VCID-n9n4-prkb-f3c6

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.1%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9szt-c829-zfdh

vulnerability	VCID-detn-3zsq-3qh7

vulnerability	VCID-m47q-17n6-t7gg

vulnerability	VCID-vcun-y6d5-6uby

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.1%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

purl pkg:deb/debian/qemu@1:10.2.2%2Bds-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1j9f-u62h-rug2

vulnerability	VCID-46gg-8h8g-2kf5

vulnerability	VCID-4mt9-kf9m-2fbz

vulnerability	VCID-n9n4-prkb-f3c6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/qemu@1:11.0.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1%3Fdistro=trixie

aliases CVE-2020-35504

risk_score 1.4

exploitability 0.5

weighted_severity 2.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qh2s-apkz-sbaz

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:6.0%252Bdfsg-3%3Fdistro=trixie

Package Instance