{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","type":"deb","namespace":"debian","name":"zlib","version":"1:1.2.11.dfsg-2+deb11u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:1.2.11.dfsg-4","latest_non_vulnerable_version":"1:1.3.dfsg+really1.3.2-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64466?format=json","vulnerability_id":"VCID-ac5e-emja-v3fe","summary":"zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27171.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27171.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27171","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00612","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00618","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00616","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00626","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00629","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00627","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00633","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0066","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00658","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00659","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00839","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27171"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128336","reference_id":"1128336","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128336"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440530","reference_id":"2440530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440530"},{"reference_url":"https://github.com/madler/zlib/issues/904","reference_id":"904","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://github.com/madler/zlib/issues/904"},{"reference_url":"https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf","reference_id":"pentest-report-zlib-RC1.1.pdf","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf"},{"reference_url":"https://github.com/madler/zlib/releases/tag/v1.3.2","reference_id":"v1.3.2","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://github.com/madler/zlib/releases/tag/v1.3.2"},{"reference_url":"https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/","reference_id":"zlib-7asecurity-audit","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/"},{"reference_url":"https://ostif.org/zlib-audit-complete/","reference_id":"zlib-audit-complete","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-18T13:35:50Z/"}],"url":"https://ostif.org/zlib-audit-complete/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943969?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2026-27171"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ac5e-emja-v3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19471?format=json","vulnerability_id":"VCID-v6pc-48dg-4kad","summary":"Integer Overflow or Wraparound\nMiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45853","reference_id":"","reference_type":"","scores":[{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79715","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.797","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79662","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79659","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79629","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79631","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01322","scoring_system":"epss","scoring_elements":"0.7985","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01322","scoring_system":"epss","scoring_elements":"0.79863","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01322","scoring_system":"epss","scoring_elements":"0.79841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01322","scoring_system":"epss","scoring_elements":"0.79879","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45853"},{"reference_url":"https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"},{"reference_url":"https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45853"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"},{"reference_url":"https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c"},{"reference_url":"https://github.com/madler/zlib/pull/843","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://github.com/madler/zlib/pull/843"},{"reference_url":"https://github.com/smihica/pyminizip","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smihica/pyminizip"},{"reference_url":"https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45853","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45853"},{"reference_url":"https://pypi.org/project/pyminizip/#history","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://pypi.org/project/pyminizip/#history"},{"reference_url":"https://security.gentoo.org/glsa/202401-18","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://security.gentoo.org/glsa/202401-18"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231130-0009","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231130-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231130-0009/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231130-0009/"},{"reference_url":"https://www.winimage.com/zLibDll/minizip.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"https://www.winimage.com/zLibDll/minizip.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/20/9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/20/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/24/10","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/24/10"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290","reference_id":"1054290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718","reference_id":"1056718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244556","reference_id":"2244556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244556"},{"reference_url":"https://security.archlinux.org/AVG-2847","reference_id":"AVG-2847","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2847"},{"reference_url":"https://github.com/advisories/GHSA-mq29-j5xf-cjwr","reference_id":"GHSA-mq29-j5xf-cjwr","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mq29-j5xf-cjwr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://usn.ubuntu.com/7107-1/","reference_id":"USN-7107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7107-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943967?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2023-45853","GHSA-mq29-j5xf-cjwr"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6pc-48dg-4kad"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89053?format=json","vulnerability_id":"VCID-1vu9-xzw9-kfe2","summary":"zlib DoS","references":[{"reference_url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"},{"reference_url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096","reference_id":"","reference_type":"","scores":[{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97503","published_at":"2026-04-29T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97473","published_at":"2026-04-02T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97476","published_at":"2026-04-04T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97477","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97483","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97484","published_at":"2026-04-09T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.9749","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.975","published_at":"2026-04-26T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97499","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096"},{"reference_url":"http://secunia.com/advisories/15949","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/15949"},{"reference_url":"http://secunia.com/advisories/17054","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17054"},{"reference_url":"http://secunia.com/advisories/17225","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17225"},{"reference_url":"http://secunia.com/advisories/17236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17236"},{"reference_url":"http://secunia.com/advisories/17326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17326"},{"reference_url":"http://secunia.com/advisories/17516","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17516"},{"reference_url":"http://secunia.com/advisories/18377","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18377"},{"reference_url":"http://secunia.com/advisories/18406","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18406"},{"reference_url":"http://secunia.com/advisories/18507","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18507"},{"reference_url":"http://secunia.com/advisories/19550","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19550"},{"reference_url":"http://secunia.com/advisories/19597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19597"},{"reference_url":"http://secunia.com/advisories/24788","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24788"},{"reference_url":"http://secunia.com/advisories/31492","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31492"},{"reference_url":"http://secunia.com/advisories/32706","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32706"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200507-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200507-05.xml"},{"reference_url":"http://securitytracker.com/id?1014398","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1014398"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24064","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"},{"reference_url":"http://support.apple.com/kb/HT3298","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3298"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"},{"reference_url":"http://www.debian.org/security/2005/dsa-740","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-740"},{"reference_url":"http://www.debian.org/security/2005/dsa-797","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-797"},{"reference_url":"http://www.debian.org/security/2006/dsa-1026","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2006/dsa-1026"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"},{"reference_url":"http://www.kb.cert.org/vuls/id/680620","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/680620"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:112","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-569.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-569.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html"},{"reference_url":"http://www.securityfocus.com/archive/1/421411/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/421411/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482503/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482503/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482505/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482505/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482571/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482571/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482601/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482601/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482949/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482949/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482950/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482950/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14162","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14162"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-151-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-151-3"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"},{"reference_url":"http://www.vupen.com/english/advisories/2005/0978","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/0978"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0144","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0144"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1267","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1267"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133","reference_id":"317133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523","reference_id":"317523","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966","reference_id":"317966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967","reference_id":"317967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968","reference_id":"317968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014","reference_id":"318014","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069","reference_id":"318069","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091","reference_id":"318091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099","reference_id":"318099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100","reference_id":"318100","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246","reference_id":"318246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236","reference_id":"332236","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650","reference_id":"430650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2096","reference_id":"CVE-2005-2096","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:569","reference_id":"RHSA-2005:569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/148-1/","reference_id":"USN-148-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/148-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943961?format=json","purl":"pkg:deb/debian/zlib@1:1.2.2-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.2-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2005-2096"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vu9-xzw9-kfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65193?format=json","vulnerability_id":"VCID-3aq8-fkrc-hqa2","summary":"zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04206","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04221","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04203","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04161","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00425","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00455","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00453","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00421","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688","reference_id":"2427688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688"},{"reference_url":"https://seclists.org/fulldisclosure/2026/Jan/3","reference_id":"3","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://seclists.org/fulldisclosure/2026/Jan/3"},{"reference_url":"https://github.com/madler/zlib","reference_id":"zlib","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://github.com/madler/zlib"},{"reference_url":"https://zlib.net/","reference_id":"zlib.net","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://zlib.net/"},{"reference_url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname","reference_id":"zlib-untgz-global-buffer-overflow-in-tgzfname","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943968?format=json","purl":"pkg:deb/debian/zlib@1:1.2.6.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.6.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2026-22184"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3aq8-fkrc-hqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56189?format=json","vulnerability_id":"VCID-eyjp-7kks-jbfr","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841","reference_id":"","reference_type":"","scores":[{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94213","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94229","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20848","scoring_system":"epss","scoring_elements":"0.95599","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346","reference_id":"1402346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943963?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9841"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyjp-7kks-jbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56190?format=json","vulnerability_id":"VCID-m6xx-a91r-sbhu","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842","reference_id":"","reference_type":"","scores":[{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93779","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.9377","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93804","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93789","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348","reference_id":"1402348","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/05/21","reference_id":"21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/05/21"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274","reference_id":"847274","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"http://www.securityfocus.com/bid/95131","reference_id":"95131","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.securityfocus.com/bid/95131"},{"reference_url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib","reference_id":"Completed#zlib","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"},{"reference_url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958","reference_id":"e54e1299404101a5a9d0cf5e45512b543967f958","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html","reference_id":"msg00053.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html","reference_id":"msg00127.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf","reference_id":"Zlib-report.pdf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943962?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9842"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6xx-a91r-sbhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56188?format=json","vulnerability_id":"VCID-mr6h-6jrp-gyf3","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840","reference_id":"","reference_type":"","scores":[{"value":"0.07707","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.9308","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94072","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94076","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94081","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345","reference_id":"1402345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10541","reference_id":"RHSA-2025:10541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11048","reference_id":"RHSA-2025:11048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12013","reference_id":"RHSA-2025:12013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13947","reference_id":"RHSA-2025:13947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8284","reference_id":"RHSA-2025:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8314","reference_id":"RHSA-2025:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8395","reference_id":"RHSA-2025:8395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8395"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943962?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9840"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mr6h-6jrp-gyf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57323?format=json","vulnerability_id":"VCID-s8dx-tft2-nfg6","summary":"The zlib library contains a Denial of Service vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797","reference_id":"","reference_type":"","scores":[{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84042","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.8412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84115","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84133","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84162","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84173","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797"},{"reference_url":"https://security.gentoo.org/glsa/200408-26","reference_id":"GLSA-200408-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200408-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943959?format=json","purl":"pkg:deb/debian/zlib@1:1.2.1.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.1.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2004-0797"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8dx-tft2-nfg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56191?format=json","vulnerability_id":"VCID-smft-ms93-6kf1","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843","reference_id":"","reference_type":"","scores":[{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9454","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94595","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.946","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351","reference_id":"1402351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275","reference_id":"847275","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/7959-1/","reference_id":"USN-7959-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7959-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943962?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2016-9843"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smft-ms93-6kf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47390?format=json","vulnerability_id":"VCID-sn99-6y6w-ybc6","summary":"Pngcrush is vulnerable to a buffer overflow which could potentially lead to\n    the execution of arbitrary code.","references":[{"reference_url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849","reference_id":"","reference_type":"","scores":[{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92067","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92071","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92087","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.9209","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92095","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92094","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92099","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849"},{"reference_url":"http://secunia.com/advisories/16137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16137"},{"reference_url":"http://secunia.com/advisories/17326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17326"},{"reference_url":"http://secunia.com/advisories/17516","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17516"},{"reference_url":"http://secunia.com/advisories/18377","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18377"},{"reference_url":"http://secunia.com/advisories/19334","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19334"},{"reference_url":"http://secunia.com/advisories/19550","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19550"},{"reference_url":"http://secunia.com/advisories/19597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19597"},{"reference_url":"http://secunia.com/advisories/24788","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24788"},{"reference_url":"http://secunia.com/advisories/31492","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31492"},{"reference_url":"http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz","reference_id":"","reference_type":"","scores":[],"url":"http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz"},{"reference_url":"http://securitytracker.com/id?1014540","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1014540"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/21456","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/21456"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402"},{"reference_url":"http://www.debian.org/security/2005/dsa-763","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-763"},{"reference_url":"http://www.debian.org/security/2005/dsa-797","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-797"},{"reference_url":"http://www.debian.org/security/2006/dsa-1026","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2006/dsa-1026"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_43_zlib.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_43_zlib.html"},{"reference_url":"http://www.osvdb.org/18141","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/18141"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-584.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-584.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html"},{"reference_url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14340","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14340"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-151-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-151-3"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1267","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649","reference_id":"430649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1849","reference_id":"CVE-2005-1849","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1849"},{"reference_url":"https://security.gentoo.org/glsa/200603-18","reference_id":"GLSA-200603-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:584","reference_id":"RHSA-2005:584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/151-1/","reference_id":"USN-151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943960?format=json","purl":"pkg:deb/debian/zlib@1:1.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2005-1849"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sn99-6y6w-ybc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13518?format=json","vulnerability_id":"VCID-xd6j-x83x-r3gn","summary":"Out-of-bounds Write\nzlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23937","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2528","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25318","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25311","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25364","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25232","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25241","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25394","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2535","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/33","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/33"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/35","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/35"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/38","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/38"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"},{"reference_url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"},{"reference_url":"https://github.com/madler/zlib/issues/605","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/issues/605"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"},{"reference_url":"https://security.gentoo.org/glsa/202210-42","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.gentoo.org/glsa/202210-42"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004/"},{"reference_url":"https://support.apple.com/kb/HT213255","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213255"},{"reference_url":"https://support.apple.com/kb/HT213256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213256"},{"reference_url":"https://support.apple.com/kb/HT213257","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213257"},{"reference_url":"https://www.debian.org/security/2022/dsa-5111","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.debian.org/security/2022/dsa-5111"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/24/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/24/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/3"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/25/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/26/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/26/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265","reference_id":"1008265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945","reference_id":"2067945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945"},{"reference_url":"https://security.archlinux.org/ASA-202204-3","reference_id":"ASA-202204-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-3"},{"reference_url":"https://security.archlinux.org/AVG-2657","reference_id":"AVG-2657","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2657"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032","reference_id":"CVE-2018-25032","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml","reference_id":"CVE-2018-25032.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj","reference_id":"GHSA-jc36-42cf-vqwj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5","reference_id":"GHSA-v6gp-9mmm-c6p5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5"},{"reference_url":"https://security.gentoo.org/glsa/202405-22","reference_id":"GLSA-202405-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-22"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1591","reference_id":"RHSA-2022:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1642","reference_id":"RHSA-2022:1642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1661","reference_id":"RHSA-2022:1661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2192","reference_id":"RHSA-2022:2192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2197","reference_id":"RHSA-2022:2197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2198","reference_id":"RHSA-2022:2198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2201","reference_id":"RHSA-2022:2201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2213","reference_id":"RHSA-2022:2213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2214","reference_id":"RHSA-2022:2214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4584","reference_id":"RHSA-2022:4584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4592","reference_id":"RHSA-2022:4592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4845","reference_id":"RHSA-2022:4845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4896","reference_id":"RHSA-2022:4896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5439","reference_id":"RHSA-2022:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7813","reference_id":"RHSA-2022:7813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8420","reference_id":"RHSA-2022:8420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0943","reference_id":"RHSA-2023:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0975","reference_id":"RHSA-2023:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0976","reference_id":"RHSA-2023:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0976"},{"reference_url":"https://usn.ubuntu.com/5355-1/","reference_id":"USN-5355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-1/"},{"reference_url":"https://usn.ubuntu.com/5355-2/","reference_id":"USN-5355-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-2/"},{"reference_url":"https://usn.ubuntu.com/5359-1/","reference_id":"USN-5359-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-1/"},{"reference_url":"https://usn.ubuntu.com/5359-2/","reference_id":"USN-5359-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-2/"},{"reference_url":"https://usn.ubuntu.com/5739-1/","reference_id":"USN-5739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5739-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943965?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943964?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2018-25032","GHSA-jc36-42cf-vqwj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xd6j-x83x-r3gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89750?format=json","vulnerability_id":"VCID-y9kk-6zyw-6qfn","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107","reference_id":"","reference_type":"","scores":[{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97039","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97046","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.9705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97051","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97066","published_at":"2026-04-13T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.9708","published_at":"2026-04-18T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97084","published_at":"2026-04-21T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97088","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967","reference_id":"1616967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c"},{"reference_url":"https://www.securityfocus.com/bid/6913/info","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6913/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:079","reference_id":"RHSA-2003:079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:081","reference_id":"RHSA-2003:081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:081"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943954?format=json","purl":"pkg:deb/debian/zlib@1:1.1.4-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.1.4-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2003-0107"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y9kk-6zyw-6qfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51055?format=json","vulnerability_id":"VCID-ys8b-uuv1-pkfm","summary":"A buffer overflow in zlib might allow an attacker to cause remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434","reference_id":"","reference_type":"","scores":[{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99744","published_at":"2026-04-29T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99742","published_at":"2026-04-24T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99743","published_at":"2026-04-26T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99736","published_at":"2026-04-02T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99737","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99738","published_at":"2026-04-13T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.9974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99741","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/curl/curl/issues/9271","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/curl/curl/issues/9271"},{"reference_url":"https://github.com/ivd38/zlib_overflow","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ivd38/zlib_overflow"},{"reference_url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063"},{"reference_url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1"},{"reference_url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/05/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/05/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/09/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/09/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710","reference_id":"1016710","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639","reference_id":"2116639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639"},{"reference_url":"https://security.archlinux.org/AVG-2821","reference_id":"AVG-2821","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2821"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434","reference_id":"CVE-2022-37434","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7106","reference_id":"RHSA-2022:7106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7314","reference_id":"RHSA-2022:7314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7793","reference_id":"RHSA-2022:7793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8291","reference_id":"RHSA-2022:8291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1095","reference_id":"RHSA-2023:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0254","reference_id":"RHSA-2024:0254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0254"},{"reference_url":"https://usn.ubuntu.com/5570-1/","reference_id":"USN-5570-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-1/"},{"reference_url":"https://usn.ubuntu.com/5570-2/","reference_id":"USN-5570-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-2/"},{"reference_url":"https://usn.ubuntu.com/5573-1/","reference_id":"USN-5573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5573-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943955?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943966?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943953?format=json","purl":"pkg:deb/debian/zlib@1:1.2.13.dfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.13.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943958?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943956?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943957?format=json","purl":"pkg:deb/debian/zlib@1:1.3.dfsg%2Breally1.3.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.3.dfsg%252Breally1.3.2-3%3Fdistro=trixie"}],"aliases":["CVE-2022-37434"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ys8b-uuv1-pkfm"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2%3Fdistro=trixie"}