{"url":"http://public2.vulnerablecode.io/api/packages/975149?format=json","purl":"pkg:apk/alpine/xorg-server@21.1.9-r0?arch=armhf&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"xorg-server","version":"21.1.9-r0","qualifiers":{"arch":"armhf","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"21.1.10-r0","latest_non_vulnerable_version":"21.1.14-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49324?format=json","vulnerability_id":"VCID-68t6-6w3n-jffa","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5380.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5380","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22401","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22413","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22403","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2393","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24043","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24018","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23961","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23971","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2396","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24111","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24149","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244736","reference_id":"2244736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244736"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7428","reference_id":"RHSA-2023:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2298","reference_id":"RHSA-2024:2298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3067","reference_id":"RHSA-2024:3067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3067"},{"reference_url":"https://usn.ubuntu.com/6453-1/","reference_id":"USN-6453-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-1/"},{"reference_url":"https://usn.ubuntu.com/6453-2/","reference_id":"USN-6453-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/975149?format=json","purl":"pkg:apk/alpine/xorg-server@21.1.9-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xorg-server@21.1.9-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-5380"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68t6-6w3n-jffa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77990?format=json","vulnerability_id":"VCID-g8uu-y7jv-bygx","summary":"xorg-x11-server: Use-after-free bug in DamageDestroy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5574.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5574.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5574","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10151","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10217","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10114","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10189","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10249","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1028","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1024","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1022","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10091","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10202","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10182","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10103","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5574"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055426","reference_id":"1055426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055426"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244735","reference_id":"2244735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2244735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2298","reference_id":"RHSA-2024:2298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2298"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/975149?format=json","purl":"pkg:apk/alpine/xorg-server@21.1.9-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xorg-server@21.1.9-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-5574"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8uu-y7jv-bygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49323?format=json","vulnerability_id":"VCID-un9v-4svv-2baj","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20146","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19985","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19927","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19909","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19794","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19764","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091","reference_id":"2243091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6802","reference_id":"RHSA-2023:6802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6808","reference_id":"RHSA-2023:6808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7373","reference_id":"RHSA-2023:7373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7388","reference_id":"RHSA-2023:7388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7405","reference_id":"RHSA-2023:7405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7428","reference_id":"RHSA-2023:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7436","reference_id":"RHSA-2023:7436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7526","reference_id":"RHSA-2023:7526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7533","reference_id":"RHSA-2023:7533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0128","reference_id":"RHSA-2024:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6453-1/","reference_id":"USN-6453-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-1/"},{"reference_url":"https://usn.ubuntu.com/6453-2/","reference_id":"USN-6453-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/975149?format=json","purl":"pkg:apk/alpine/xorg-server@21.1.9-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xorg-server@21.1.9-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-5367"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un9v-4svv-2baj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xorg-server@21.1.9-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}