{"url":"http://public2.vulnerablecode.io/api/packages/980167?format=json","purl":"pkg:apk/alpine/dropbear@2025.89-r0?arch=aarch64&distroversion=edge&reponame=main","type":"apk","namespace":"alpine","name":"dropbear","version":"2025.89-r0","qualifiers":{"arch":"aarch64","distroversion":"edge","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/312127?format=json","vulnerability_id":"VCID-enpx-ej3b-n3gh","summary":"A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote client as root,\nonly switching to the logged-in user upon spawning a shell or performing\nsome operations like reading the user's files.\nWith the recent ability of also using unix domain sockets as the forwarding destination any user able to log in via ssh can connect to any unix socket with the root's credentials, bypassing both file system restrictions and any SO_PEERCRED / SO_PASSCRED checks performed by the peer.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14282","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03125","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0315","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0307","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03045","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03054","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04544","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04398","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04417","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04438","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04478","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04479","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04508","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14282"},{"reference_url":"https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q4/002390.html","reference_id":"002390.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/"}],"url":"https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q4/002390.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123069","reference_id":"1123069","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123069"},{"reference_url":"https://github.com/mkj/dropbear/pull/391","reference_id":"391","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/"}],"url":"https://github.com/mkj/dropbear/pull/391"},{"reference_url":"https://github.com/mkj/dropbear/pull/394","reference_id":"394","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/"}],"url":"https://github.com/mkj/dropbear/pull/394"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-14282","reference_id":"CVE-2025-14282","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-14282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420052","reference_id":"show_bug.cgi?id=2420052","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-13T16:20:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420052"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/980167?format=json","purl":"pkg:apk/alpine/dropbear@2025.89-r0?arch=aarch64&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=aarch64&distroversion=edge&reponame=main"}],"aliases":["CVE-2025-14282"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enpx-ej3b-n3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57310?format=json","vulnerability_id":"VCID-gzmm-8kvw-6qbv","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could allow a remote attacker to gain unauthorized access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6111","reference_id":"","reference_type":"","scores":[{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.9804","published_at":"2026-05-07T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98042","published_at":"2026-05-05T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98007","published_at":"2026-04-01T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98032","published_at":"2026-04-18T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98026","published_at":"2026-04-13T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98025","published_at":"2026-04-12T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98021","published_at":"2026-04-09T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98016","published_at":"2026-04-07T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.9802","published_at":"2026-04-08T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98012","published_at":"2026-04-02T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98044","published_at":"2026-05-09T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98058","published_at":"2026-04-26T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98061","published_at":"2026-04-29T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98057","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/18/1","reference_id":"1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/04/18/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/02/1","reference_id":"1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/08/02/1"},{"reference_url":"http://www.securityfocus.com/bid/106741","reference_id":"106741","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.securityfocus.com/bid/106741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666127","reference_id":"1666127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666127"},{"reference_url":"https://www.exploit-db.com/exploits/46193/","reference_id":"46193","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.exploit-db.com/exploits/46193/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486","reference_id":"923486","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486"},{"reference_url":"https://security.archlinux.org/ASA-201904-11","reference_id":"ASA-201904-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-11"},{"reference_url":"https://security.archlinux.org/AVG-951","reference_id":"AVG-951","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-951"},{"reference_url":"https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E","reference_id":"c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E","reference_id":"c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E","reference_id":"d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://www.debian.org/security/2019/dsa-4387","reference_id":"dsa-4387","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.debian.org/security/2019/dsa-4387"},{"reference_url":"https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E","reference_id":"e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc","reference_id":"FreeBSD-EN-19:10.scp.asc","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc"},{"reference_url":"https://security.gentoo.org/glsa/201903-16","reference_id":"GLSA-201903-16","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://security.gentoo.org/glsa/201903-16"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190213-0001/","reference_id":"ntap-20190213-0001","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190213-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3702","reference_id":"RHSA-2019:3702","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3702"},{"reference_url":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c","reference_id":"scp.c","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677794","reference_id":"show_bug.cgi?id=1677794","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677794"},{"reference_url":"https://usn.ubuntu.com/3885-1/","reference_id":"USN-3885-1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://usn.ubuntu.com/3885-1/"},{"reference_url":"https://usn.ubuntu.com/3885-2/","reference_id":"USN-3885-2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://usn.ubuntu.com/3885-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/","reference_id":"W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/980167?format=json","purl":"pkg:apk/alpine/dropbear@2025.89-r0?arch=aarch64&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=aarch64&distroversion=edge&reponame=main"}],"aliases":["CVE-2019-6111"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzmm-8kvw-6qbv"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/dropbear@2025.89-r0%3Farch=aarch64&distroversion=edge&reponame=main"}