VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/994467?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/994467?format=api",
    "purl": "pkg:deb/debian/policykit-1@0.105-31%2Bdeb11u1",
    "type": "deb",
    "namespace": "debian",
    "name": "policykit-1",
    "version": "0.105-31+deb11u1",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "127-3",
    "latest_non_vulnerable_version": "127-3",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68668?format=api",
            "vulnerability_id": "VCID-5y4d-ph3y-5qgd",
            "summary": "polkit: XML policy file with a large number of nested elements may lead to out-of-bounds write",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7519.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7519.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7519",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00011",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01199",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01505",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01495",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01498",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01509",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02032",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02046",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02042",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02117",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02088",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02082",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02109",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02085",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00013",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02061",
                            "published_at": "2026-04-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7519"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7519",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7519"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245",
                    "reference_id": "107d3801361b9f9084f78710178e683391f1d245",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:04Z/"
                        }
                    ],
                    "url": "https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109334",
                    "reference_id": "1109334",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109334"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379675",
                    "reference_id": "2379675",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:04Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379675"
                },
                {
                    "reference_url": "https://github.com/polkit-org/polkit/pull/570",
                    "reference_id": "570",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:04Z/"
                        }
                    ],
                    "url": "https://github.com/polkit-org/polkit/pull/570"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4",
                    "reference_id": "cpe:/a:redhat:openshift:4",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:10",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:6",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:7",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:9",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"
                },
                {
                    "reference_url": "https://access.redhat.com/security/cve/CVE-2025-7519",
                    "reference_id": "CVE-2025-7519",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:04Z/"
                        }
                    ],
                    "url": "https://access.redhat.com/security/cve/CVE-2025-7519"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/8173-1/",
                    "reference_id": "USN-8173-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/8173-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994470?format=api",
                    "purl": "pkg:deb/debian/policykit-1@127-2",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@127-2"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1089004?format=api",
                    "purl": "pkg:deb/debian/policykit-1@127-3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@127-3"
                }
            ],
            "aliases": [
                "CVE-2025-7519"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "6.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5y4d-ph3y-5qgd"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63980?format=api",
            "vulnerability_id": "VCID-eqar-k6xk-1ufh",
            "summary": "polkit: Polkit: Denial of Service via unbounded input processing through standard input",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4897.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4897.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4897",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02743",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02717",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02733",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0274",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02762",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02713",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02694",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00014",
                            "scoring_system": "epss",
                            "scoring_elements": "0.02704",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "5e-05",
                            "scoring_system": "epss",
                            "scoring_elements": "0.00223",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "5e-05",
                            "scoring_system": "epss",
                            "scoring_elements": "0.00224",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "5e-05",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0028",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "6e-05",
                            "scoring_system": "epss",
                            "scoring_elements": "0.00338",
                            "published_at": "2026-04-21T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4897"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4897",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4897"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132234",
                    "reference_id": "1132234",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132234"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451739",
                    "reference_id": "2451739",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-28T02:23:56Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451739"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4",
                    "reference_id": "cpe:/a:redhat:openshift:4",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:10",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:6",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:7",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9",
                    "reference_id": "cpe:/o:redhat:enterprise_linux:9",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"
                },
                {
                    "reference_url": "https://access.redhat.com/security/cve/CVE-2026-4897",
                    "reference_id": "CVE-2026-4897",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-28T02:23:56Z/"
                        }
                    ],
                    "url": "https://access.redhat.com/security/cve/CVE-2026-4897"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/8173-1/",
                    "reference_id": "USN-8173-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/8173-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994468?format=api",
                    "purl": "pkg:deb/debian/policykit-1@122-3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5y4d-ph3y-5qgd"
                        },
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        },
                        {
                            "vulnerability": "VCID-hxfb-cmwp-j7c4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@122-3"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1089004?format=api",
                    "purl": "pkg:deb/debian/policykit-1@127-3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@127-3"
                }
            ],
            "aliases": [
                "CVE-2026-4897"
            ],
            "risk_score": 2.5,
            "exploitability": "0.5",
            "weighted_severity": "5.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eqar-k6xk-1ufh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79679?format=api",
            "vulnerability_id": "VCID-f2ed-c3rs-yqgz",
            "summary": "polkit: file descriptor leak allows an unprivileged user to cause a crash",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4115.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4115.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4115",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28819",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28421",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28609",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28496",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28901",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28951",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28757",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28824",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28865",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.2887",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28825",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28776",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28795",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28772",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00106",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28723",
                            "published_at": "2026-04-21T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4115"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005784",
                    "reference_id": "1005784",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005784"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007534",
                    "reference_id": "2007534",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007534"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-202204-2",
                    "reference_id": "ASA-202204-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-202204-2"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-2654",
                    "reference_id": "AVG-2654",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-2654"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:1546",
                    "reference_id": "RHSA-2022:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:1546"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5304-1/",
                    "reference_id": "USN-5304-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5304-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994468?format=api",
                    "purl": "pkg:deb/debian/policykit-1@122-3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5y4d-ph3y-5qgd"
                        },
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        },
                        {
                            "vulnerability": "VCID-hxfb-cmwp-j7c4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@122-3"
                }
            ],
            "aliases": [
                "CVE-2021-4115"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f2ed-c3rs-yqgz"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85367?format=api",
            "vulnerability_id": "VCID-hxfb-cmwp-j7c4",
            "summary": "polkit: Program run via pkexec as unprivileged user can escape to parent session via TIOCSTI ioctl",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2568.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2568.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2568",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32657",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3229",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32489",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32373",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32791",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32826",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32648",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32696",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32722",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32723",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32686",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32658",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32697",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32673",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00131",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32643",
                            "published_at": "2026-04-21T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2568"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.2",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:L/AC:H/Au:N/C:C/I:C/A:C"
                        },
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300746",
                    "reference_id": "1300746",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300746"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812512",
                    "reference_id": "812512",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812512"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062",
                    "reference_id": "816062",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994469?format=api",
                    "purl": "pkg:deb/debian/policykit-1@126-2",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5y4d-ph3y-5qgd"
                        },
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@126-2"
                }
            ],
            "aliases": [
                "CVE-2016-2568"
            ],
            "risk_score": 2.8,
            "exploitability": "0.5",
            "weighted_severity": "5.5",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxfb-cmwp-j7c4"
        }
    ],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40022?format=api",
            "vulnerability_id": "VCID-mmjs-fy7f-fkbt",
            "summary": "A vulnerability in polkit could lead to local root privilege\n    escalation.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3560.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3560.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3560",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.06272",
                            "scoring_system": "epss",
                            "scoring_elements": "0.90957",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.06272",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9096",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.07266",
                            "scoring_system": "epss",
                            "scoring_elements": "0.91656",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.07266",
                            "scoring_system": "epss",
                            "scoring_elements": "0.91663",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93386",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9337",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93378",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9339",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93395",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93394",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93413",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93418",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.10912",
                            "scoring_system": "epss",
                            "scoring_elements": "0.93362",
                            "published_at": "2026-04-01T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3560"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961710",
                    "reference_id": "1961710",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T21:24:12Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961710"
                },
                {
                    "reference_url": "https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/",
                    "reference_id": "2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T21:24:12Z/"
                        }
                    ],
                    "url": "https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989429",
                    "reference_id": "989429",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989429"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-202106-24",
                    "reference_id": "ASA-202106-24",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-202106-24"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-2028",
                    "reference_id": "AVG-2028",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-2028"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/50011.sh",
                    "reference_id": "CVE-2021-3560",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/50011.sh"
                },
                {
                    "reference_url": "http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html",
                    "reference_id": "Facebook-Fizz-Denial-Of-Service.html",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T21:24:12Z/"
                        }
                    ],
                    "url": "http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202107-31",
                    "reference_id": "GLSA-202107-31",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202107-31"
                },
                {
                    "reference_url": "http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html",
                    "reference_id": "polkit-Authentication-Bypass.html",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T21:24:12Z/"
                        }
                    ],
                    "url": "http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2236",
                    "reference_id": "RHSA-2021:2236",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2236"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2237",
                    "reference_id": "RHSA-2021:2237",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2237"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2238",
                    "reference_id": "RHSA-2021:2238",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2238"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2522",
                    "reference_id": "RHSA-2021:2522",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2522"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2555",
                    "reference_id": "RHSA-2021:2555",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2555"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4980-1/",
                    "reference_id": "USN-4980-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4980-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994467?format=api",
                    "purl": "pkg:deb/debian/policykit-1@0.105-31%2Bdeb11u1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5y4d-ph3y-5qgd"
                        },
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        },
                        {
                            "vulnerability": "VCID-f2ed-c3rs-yqgz"
                        },
                        {
                            "vulnerability": "VCID-hxfb-cmwp-j7c4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-31%252Bdeb11u1"
                }
            ],
            "aliases": [
                "CVE-2021-3560"
            ],
            "risk_score": 10.0,
            "exploitability": "2.0",
            "weighted_severity": "7.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmjs-fy7f-fkbt"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47906?format=api",
            "vulnerability_id": "VCID-yee7-fp2m-r7eg",
            "summary": "A vulnerability in polkit could lead to local root privilege escalation.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4034.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4034.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.87811",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99477",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.87811",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99474",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.8794",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99476",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.8794",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99475",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.8794",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99473",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.8794",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99478",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.88057",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99488",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.88083",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99488",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.88472",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99495",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.88806",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99523",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4034"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
                    "reference_id": "2025869",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
                },
                {
                    "reference_url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
                    "reference_id": "a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-202204-2",
                    "reference_id": "ASA-202204-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-202204-2"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-2654",
                    "reference_id": "AVG-2654",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-2654"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/50689.txt",
                    "reference_id": "CVE-2021-4034",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/50689.txt"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202201-01",
                    "reference_id": "GLSA-202201-01",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202201-01"
                },
                {
                    "reference_url": "https://www.suse.com/support/kb/doc/?id=000020564",
                    "reference_id": "?id=000020564",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://www.suse.com/support/kb/doc/?id=000020564"
                },
                {
                    "reference_url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/",
                    "reference_id": "local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"
                },
                {
                    "reference_url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
                    "reference_id": "Polkit-pkexec-Local-Privilege-Escalation.html",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
                },
                {
                    "reference_url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
                    "reference_id": "Polkit-pkexec-Privilege-Escalation.html",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
                },
                {
                    "reference_url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
                    "reference_id": "pwnkit.txt",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0265",
                    "reference_id": "RHSA-2022:0265",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0265"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0266",
                    "reference_id": "RHSA-2022:0266",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0266"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0267",
                    "reference_id": "RHSA-2022:0267",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0267"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0268",
                    "reference_id": "RHSA-2022:0268",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0268"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0269",
                    "reference_id": "RHSA-2022:0269",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0269"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0270",
                    "reference_id": "RHSA-2022:0270",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0270"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0271",
                    "reference_id": "RHSA-2022:0271",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0271"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0272",
                    "reference_id": "RHSA-2022:0272",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0272"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0273",
                    "reference_id": "RHSA-2022:0273",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0273"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0274",
                    "reference_id": "RHSA-2022:0274",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0274"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0443",
                    "reference_id": "RHSA-2022:0443",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0443"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:0540",
                    "reference_id": "RHSA-2022:0540",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:0540"
                },
                {
                    "reference_url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
                    "reference_id": "RHSB-2022-001",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
                },
                {
                    "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
                    "reference_id": "ssa-330556.pdf",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
                },
                {
                    "reference_url": "https://www.starwindsoftware.com/security/sw-20220818-0001/",
                    "reference_id": "sw-20220818-0001",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Attend",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-12T10:21:57Z/"
                        }
                    ],
                    "url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5252-1/",
                    "reference_id": "USN-5252-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5252-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5252-2/",
                    "reference_id": "USN-5252-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5252-2/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1038296?format=api",
                    "purl": "pkg:deb/debian/policykit-1@0.105-25%2Bdeb10u1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        },
                        {
                            "vulnerability": "VCID-f2ed-c3rs-yqgz"
                        },
                        {
                            "vulnerability": "VCID-mmjs-fy7f-fkbt"
                        },
                        {
                            "vulnerability": "VCID-yee7-fp2m-r7eg"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-25%252Bdeb10u1"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/994467?format=api",
                    "purl": "pkg:deb/debian/policykit-1@0.105-31%2Bdeb11u1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5y4d-ph3y-5qgd"
                        },
                        {
                            "vulnerability": "VCID-eqar-k6xk-1ufh"
                        },
                        {
                            "vulnerability": "VCID-f2ed-c3rs-yqgz"
                        },
                        {
                            "vulnerability": "VCID-hxfb-cmwp-j7c4"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-31%252Bdeb11u1"
                }
            ],
            "aliases": [
                "CVE-2021-4034"
            ],
            "risk_score": 10.0,
            "exploitability": "2.0",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yee7-fp2m-r7eg"
        }
    ],
    "risk_score": "4.0",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/policykit-1@0.105-31%252Bdeb11u1"
}

Package Instance