{"url":"http://public2.vulnerablecode.io/api/packages/93908?format=json","purl":"pkg:rpm/redhat/python3.12@3.12.3-2?arch=el8_10","type":"rpm","namespace":"redhat","name":"python3.12","version":"3.12.3-2","qualifiers":{"arch":"el8_10"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42644?format=json","vulnerability_id":"VCID-js5p-py72-2kga","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0450","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35093","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35384","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35454","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.349","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34874","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.3497","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34933","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34861","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34983","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.3538","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35352","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35374","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35411","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133","reference_id":"1070133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133"},{"reference_url":"https://github.com/python/cpython/issues/109858","reference_id":"109858","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/issues/109858"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2276525","reference_id":"2276525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2276525"},{"reference_url":"https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85","reference_id":"30fe5d853b56138dbec62432d370a1f99409fc85","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/20/5","reference_id":"5","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/20/5"},{"reference_url":"https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba","reference_id":"66363b9a7b9fe7c99eba3a185b74c5fdbf842eba","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba"},{"reference_url":"https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675","reference_id":"70497218351ba44bffc8b571201ecb5652d84675","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675"},{"reference_url":"https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51","reference_id":"a2c59992e9e8d35baba9695eb186ad6c6ff85c51","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51"},{"reference_url":"https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549","reference_id":"a956e510f6336d5ae111ba429a61c3ade30a7549","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549"},{"reference_url":"https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183","reference_id":"d05bac0b74153beb541b88b4fca33bf053990183","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183"},{"reference_url":"https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b","reference_id":"fa181fcf2156f703347b03a3b1966ce47be8ab3b","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3347","reference_id":"RHSA-2024:3347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3391","reference_id":"RHSA-2024:3391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3466","reference_id":"RHSA-2024:3466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4058","reference_id":"RHSA-2024:4058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4078","reference_id":"RHSA-2024:4078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4243","reference_id":"RHSA-2024:4243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4406","reference_id":"RHSA-2024:4406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9190","reference_id":"RHSA-2024:9190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9192","reference_id":"RHSA-2024:9192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9192"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/","reference_id":"T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/","reference_id":"U5VHWS52HGD743C47UMCSAK2A773M2YE","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7212-1/","reference_id":"USN-7212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7212-1/"},{"reference_url":"https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/","reference_id":"XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/"},{"reference_url":"https://www.bamsoftware.com/hacks/zipbomb/","reference_id":"zipbomb","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/"}],"url":"https://www.bamsoftware.com/hacks/zipbomb/"}],"fixed_packages":[],"aliases":["CVE-2024-0450"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js5p-py72-2kga"}],"fixing_vulnerabilities":[],"risk_score":"2.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.12@3.12.3-2%3Farch=el8_10"}