{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","type":"deb","namespace":"debian","name":"qemu","version":"1:5.2+dfsg-11+deb11u3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:10.0.2+ds-2+deb13u1~bpo12+1","latest_non_vulnerable_version":"1:11.0.0+ds-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62359?format=json","vulnerability_id":"VCID-3ew5-8dfe-u3d8","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1544.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1544","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18892","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19132","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19037","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19049","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19058","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19324","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19039","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19119","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19172","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19178","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034179","reference_id":"1034179","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034179"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2180364","reference_id":"2180364","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2180364"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-1544","reference_id":"CVE-2023-1544","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-1544"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html","reference_id":"msg00206.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230511-0005/","reference_id":"ntap-20230511-0005","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230511-0005/"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2023-1544"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ew5-8dfe-u3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75012?format=json","vulnerability_id":"VCID-3kyg-9mf3-kfft","summary":"qemu-kvm: 'qemu-img info' leads to host file read/write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4467.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4467","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16208","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16254","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1797","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17811","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17872","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17888","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17844","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17796","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1774","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1775","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18024","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075824","reference_id":"1075824","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075824"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278875","reference_id":"2278875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278875"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.2::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8.2::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.2::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.4::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4","reference_id":"cpe:/a:redhat:container_native_virtualization:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb","reference_id":"cpe:/a:redhat:rhel_eus:8.8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-4467","reference_id":"CVE-2024-4467","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4276","reference_id":"RHSA-2024:4276","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4277","reference_id":"RHSA-2024:4277","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4278","reference_id":"RHSA-2024:4278","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4372","reference_id":"RHSA-2024:4372","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4373","reference_id":"RHSA-2024:4373","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4374","reference_id":"RHSA-2024:4374","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4420","reference_id":"RHSA-2024:4420","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4724","reference_id":"RHSA-2024:4724","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4727","reference_id":"RHSA-2024:4727","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:4727"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2024-4467"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyg-9mf3-kfft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354144?format=json","vulnerability_id":"VCID-46gg-8h8g-2kf5","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5763"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1077793?format=json","purl":"pkg:deb/debian/qemu@1:11.0.0%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1"}],"aliases":["CVE-2026-5763"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-46gg-8h8g-2kf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354133?format=json","vulnerability_id":"VCID-4mt9-kf9m-2fbz","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3890"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1077793?format=json","purl":"pkg:deb/debian/qemu@1:11.0.0%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1"}],"aliases":["CVE-2026-3890"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mt9-kf9m-2fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35385?format=json","vulnerability_id":"VCID-6qnt-yaa3-p3bb","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35506","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08517","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08545","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08516","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08609","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08575","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08464","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08451","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08601","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08614","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08567","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0857","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909996","reference_id":"1909996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909996"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454","reference_id":"984454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2020-35506"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qnt-yaa3-p3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74461?format=json","vulnerability_id":"VCID-91y7-ceje-jbd3","summary":"QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7409.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7409","reference_id":"","reference_type":"","scores":[{"value":"0.01704","scoring_system":"epss","scoring_elements":"0.82375","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01704","scoring_system":"epss","scoring_elements":"0.8236","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01704","scoring_system":"epss","scoring_elements":"0.82371","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82276","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82271","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82298","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82324","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82318","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01706","scoring_system":"epss","scoring_elements":"0.82347","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0175","scoring_system":"epss","scoring_elements":"0.82598","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7409"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2302487","reference_id":"2302487","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2302487"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8","reference_id":"cpe:/a:redhat:openshift:4.13::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8","reference_id":"cpe:/a:redhat:openshift:4.14::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9","reference_id":"cpe:/a:redhat:openshift:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8","reference_id":"cpe:/a:redhat:openshift:4.15::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9","reference_id":"cpe:/a:redhat:openshift:4.15::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-7409","reference_id":"CVE-2024-7409","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-7409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10518","reference_id":"RHSA-2024:10518","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10528","reference_id":"RHSA-2024:10528","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6811","reference_id":"RHSA-2024:6811","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6964","reference_id":"RHSA-2024:6964","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7408","reference_id":"RHSA-2024:7408","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:7408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9136","reference_id":"RHSA-2024:9136","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9912","reference_id":"RHSA-2024:9912","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9912"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2024-7409"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91y7-ceje-jbd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35411?format=json","vulnerability_id":"VCID-cenj-mz55-jbg6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3929","reference_id":"","reference_type":"","scores":[{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89536","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.8954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89553","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89554","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89576","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.8959","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89591","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89587","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89602","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04882","scoring_system":"epss","scoring_elements":"0.89607","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020298","reference_id":"2020298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020298"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2021-3929"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cenj-mz55-jbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76982?format=json","vulnerability_id":"VCID-cnyg-wvxr-gqg3","summary":"QEMU: sdhci: heap buffer overflow in sdhci_write_dataport()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3447.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3447","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03205","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03055","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03032","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03041","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03163","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03156","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03085","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03099","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03104","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03129","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03091","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3447"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068821","reference_id":"1068821","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068821"},{"reference_url":"https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/","reference_id":"20240404085549.16987-1-philmd@linaro.org","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/"}],"url":"https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274123","reference_id":"2274123","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274123"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-3447","reference_id":"CVE-2024-3447","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-3447"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2024-3447"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnyg-wvxr-gqg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67397?format=json","vulnerability_id":"VCID-d2ve-dnmj-4bbz","summary":"qemu-kvm: VNC WebSocket handshake use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11234.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11234.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11234","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29323","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31834","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33258","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33215","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33032","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33015","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33349","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33225","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33317","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33263","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33238","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11234"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11234","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11234"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117153","reference_id":"1117153","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117153"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401209","reference_id":"2401209","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2401209"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-11234","reference_id":"CVE-2025-11234","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-11234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23228","reference_id":"RHSA-2025:23228","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:23228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0326","reference_id":"RHSA-2026:0326","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1831","reference_id":"RHSA-2026:1831","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:1831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3077","reference_id":"RHSA-2026:3077","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3165","reference_id":"RHSA-2026:3165","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:3165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5578","reference_id":"RHSA-2026:5578","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5578"},{"reference_url":"https://usn.ubuntu.com/8073-1/","reference_id":"USN-8073-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8073-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2025-11234"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d2ve-dnmj-4bbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62356?format=json","vulnerability_id":"VCID-ej5p-r4az-6ud2","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4144.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4144","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05711","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05635","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05867","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05798","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05823","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05858","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05866","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05828","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2148506","reference_id":"2148506","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2148506"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/","reference_id":"GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","reference_id":"I7J5IRXJYLELW7D43A75LOWRUE5EU54O","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html","reference_id":"msg04143.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230127-0012/","reference_id":"ntap-20230127-0012","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230127-0012/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0099","reference_id":"RHSA-2023:0099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0432","reference_id":"RHSA-2023:0432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0432"},{"reference_url":"https://usn.ubuntu.com/6167-1/","reference_id":"USN-6167-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6167-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2022-4144"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ej5p-r4az-6ud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76983?format=json","vulnerability_id":"VCID-ewb7-nrtu-g7ex","summary":"QEMU: virtio: DMA reentrancy issue leads to double free vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3446.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3446.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3446","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31784","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31993","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31866","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34145","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34178","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34038","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3408","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34067","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3446"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3446","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3446"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068820","reference_id":"1068820","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068820"},{"reference_url":"https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/","reference_id":"20240409105537.18308-1-philmd@linaro.org","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/"}],"url":"https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274211","reference_id":"2274211","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274211"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-3446","reference_id":"CVE-2024-3446","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-3446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6964","reference_id":"RHSA-2024:6964","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9136","reference_id":"RHSA-2024:9136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9136"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2024-3446"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewb7-nrtu-g7ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78365?format=json","vulnerability_id":"VCID-f4sq-73vu-sfdq","summary":"QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3019.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3019.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3019","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0165","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01537","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01625","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01632","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01631","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01544","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01548","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01554","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01543","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01534","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0152","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01536","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041102","reference_id":"1041102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222351","reference_id":"2222351","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222351"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb","reference_id":"cpe:/a:redhat:rhel_eus:8.6::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb","reference_id":"cpe:/a:redhat:rhel_eus:8.8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3019","reference_id":"CVE-2023-3019","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-3019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0135","reference_id":"RHSA-2024:0135","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0404","reference_id":"RHSA-2024:0404","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0569","reference_id":"RHSA-2024:0569","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2135","reference_id":"RHSA-2024:2135","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2135"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2023-3019"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4sq-73vu-sfdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35383?format=json","vulnerability_id":"VCID-gc6n-kgsc-f3b6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35505","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30194","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30566","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30388","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30273","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30586","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30645","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30678","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30638","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30592","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30618","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30601","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31525","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31388","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909769","reference_id":"1909769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455","reference_id":"984455","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2020-35505"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6n-kgsc-f3b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77875?format=json","vulnerability_id":"VCID-kx81-eex4-hug8","summary":"QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6693.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6693","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06948","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06823","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06987","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06974","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06978","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06866","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06853","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06907","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06938","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06935","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06928","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06923","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06863","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06845","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254580","reference_id":"2254580","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254580"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6693","reference_id":"CVE-2023-6693","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-6693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2962","reference_id":"RHSA-2024:2962","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4492","reference_id":"RHSA-2025:4492","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4492"},{"reference_url":"https://usn.ubuntu.com/6954-1/","reference_id":"USN-6954-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6954-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2023-6693"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kx81-eex4-hug8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64655?format=json","vulnerability_id":"VCID-m47q-17n6-t7gg","summary":"qemu-kvm: Heap buffer out-of-bounds read in VMDK compressed grain parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2243.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2243","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04457","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04486","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04623","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.047","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04482","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04495","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0453","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04536","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04521","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04506","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05062","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2243"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128478","reference_id":"1128478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440934","reference_id":"2440934","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T20:23:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440934"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-2243","reference_id":"CVE-2026-2243","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T20:23:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-2243"},{"reference_url":"https://usn.ubuntu.com/8161-1/","reference_id":"USN-8161-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8161-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/994676?format=json","purl":"pkg:deb/debian/qemu@1:10.2.2%2Bds-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j9f-u62h-rug2"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-n9n4-prkb-f3c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1"}],"aliases":["CVE-2026-2243"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m47q-17n6-t7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81154?format=json","vulnerability_id":"VCID-mtj9-1cns-yybw","summary":"QEMU: MMIO ops null pointer dereference may lead to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15469","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12214","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1233","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12377","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12178","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12258","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12308","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12316","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1228","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12243","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12244","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12224","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12189","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12078","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853154","reference_id":"1853154","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853154"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253","reference_id":"970253","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2020-15469"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtj9-1cns-yybw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74119?format=json","vulnerability_id":"VCID-n71j-fz74-kyhf","summary":"qemu-kvm: usb: assertion failure in usb_ep_get()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8354.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8354","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13599","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13712","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13914","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13714","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13816","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1378","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13732","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13639","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082377","reference_id":"1082377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082377"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313497","reference_id":"2313497","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T13:38:43Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2313497"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-8354","reference_id":"CVE-2024-8354","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T13:38:43Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-8354"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"},{"reference_url":"https://usn.ubuntu.com/8073-1/","reference_id":"USN-8073-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8073-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/994676?format=json","purl":"pkg:deb/debian/qemu@1:10.2.2%2Bds-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j9f-u62h-rug2"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-n9n4-prkb-f3c6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1"}],"aliases":["CVE-2024-8354"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n71j-fz74-kyhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62360?format=json","vulnerability_id":"VCID-p2dz-mtns-5bb4","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2861.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2861","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12615","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12574","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12424","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12505","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12555","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12525","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12353","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12857","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12841","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12731","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219266","reference_id":"2219266","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219266"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-2861","reference_id":"CVE-2023-2861","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-2861"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240125-0005/","reference_id":"ntap-20240125-0005","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240125-0005/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240229-0002/","reference_id":"ntap-20240229-0002","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240229-0002/"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"},{"reference_url":"https://usn.ubuntu.com/8172-1/","reference_id":"USN-8172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2023-2861"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p2dz-mtns-5bb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74995?format=json","vulnerability_id":"VCID-ptty-88p4-ybe9","summary":"qemu-kvm: virtio-net: queue index out-of-bounds access in software RSS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6505.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6505","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24445","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.245","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24486","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24728","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24767","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2454","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24659","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24675","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24634","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24577","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24589","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2458","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075919","reference_id":"1075919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075919"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295760","reference_id":"2295760","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:15:08Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295760"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-6505","reference_id":"CVE-2024-6505","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:15:08Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-6505"},{"reference_url":"https://usn.ubuntu.com/7744-1/","reference_id":"USN-7744-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7744-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2024-6505"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptty-88p4-ybe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62358?format=json","vulnerability_id":"VCID-pxjg-chmx-nkdc","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35414","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53017","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53002","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53026","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.52993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53037","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53086","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53071","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53055","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53092","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53099","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53082","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53057","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958","reference_id":"1014958","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2124911","reference_id":"2124911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2124911"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2022-35414"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxjg-chmx-nkdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35382?format=json","vulnerability_id":"VCID-qh2s-apkz-sbaz","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35504","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26588","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26634","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31469","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3143","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31394","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31427","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31209","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31085","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31006","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31568","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31385","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909766","reference_id":"1909766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1909766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679","reference_id":"979679","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2020-35504"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qh2s-apkz-sbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78075?format=json","vulnerability_id":"VCID-qs61-1esc-c3cz","summary":"QEMU: improper IDE controller reset can lead to MBR overwrite","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5088.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5088","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02176","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0209","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0216","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0215","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02143","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02157","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02134","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02119","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02115","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247283","reference_id":"2247283","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247283"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-5088","reference_id":"CVE-2023-5088","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-5088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2135","reference_id":"RHSA-2024:2135","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2962","reference_id":"RHSA-2024:2962","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2962"},{"reference_url":"https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/","reference_id":"T","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/"}],"url":"https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2023-5088"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs61-1esc-c3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74993?format=json","vulnerability_id":"VCID-t58m-9jqp-43c9","summary":"qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7730.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7730","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07997","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08044","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11332","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11447","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11407","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11421","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11507","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11566","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11541","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11515","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11373","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11372","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7730"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304289","reference_id":"2304289","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T18:55:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2304289"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-7730","reference_id":"CVE-2024-7730","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T18:55:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-7730"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"}],"aliases":["CVE-2024-7730"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t58m-9jqp-43c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35406?format=json","vulnerability_id":"VCID-t5gq-4bhn-gkej","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3611","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07094","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07214","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07238","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07293","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07302","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07223","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08185","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08348","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08322","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08283","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3611"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973784","reference_id":"1973784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973784"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562","reference_id":"990562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2021-3611"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5gq-4bhn-gkej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80572?format=json","vulnerability_id":"VCID-uzxc-npak-yyc4","summary":"QEMU: net: eepro100: stack overflow via infinite recursion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20255.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20255","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.378","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37878","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37841","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37816","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39773","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39881","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39593","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39582","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42686","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930646","reference_id":"1930646","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930646"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984451","reference_id":"984451","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984451"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994615?format=json","purl":"pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1"}],"aliases":["CVE-2021-20255"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzxc-npak-yyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35410?format=json","vulnerability_id":"VCID-w7gc-1eh2-3ufu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3750","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08535","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08413","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08586","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.0854","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08579","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08573","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08752","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08723","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999073","reference_id":"1999073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999073"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6980","reference_id":"RHSA-2023:6980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0404","reference_id":"RHSA-2024:0404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0569","reference_id":"RHSA-2024:0569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0569"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994614?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-hkf8-96k7-kuc9"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-vcun-y6d5-6uby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18"}],"aliases":["CVE-2021-3750"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7gc-1eh2-3ufu"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31748?format=json","vulnerability_id":"VCID-145f-vwpy-ukfg","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7039.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7039.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7039","reference_id":"","reference_type":"","scores":[{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74514","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74519","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.7452","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74552","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74568","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.7459","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74571","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74563","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.746","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74635","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74641","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00831","scoring_system":"epss","scoring_elements":"0.74643","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791551","reference_id":"1791551","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791551"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949084","reference_id":"949084","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949084"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949085","reference_id":"949085","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949085"},{"reference_url":"https://security.gentoo.org/glsa/202005-02","reference_id":"GLSA-202005-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0348","reference_id":"RHSA-2020:0348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0775","reference_id":"RHSA-2020:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0889","reference_id":"RHSA-2020:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1116","reference_id":"RHSA-2020:1116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1150","reference_id":"RHSA-2020:1150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1261","reference_id":"RHSA-2020:1261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1296","reference_id":"RHSA-2020:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1300","reference_id":"RHSA-2020:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1344","reference_id":"RHSA-2020:1344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1351","reference_id":"RHSA-2020:1351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1352","reference_id":"RHSA-2020:1352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1358","reference_id":"RHSA-2020:1358","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1360","reference_id":"RHSA-2020:1360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2342","reference_id":"RHSA-2020:2342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2730","reference_id":"RHSA-2020:2730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2730"},{"reference_url":"https://usn.ubuntu.com/4283-1/","reference_id":"USN-4283-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4283-1/"},{"reference_url":"https://usn.ubuntu.com/4632-1/","reference_id":"USN-4632-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4632-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036934?format=json","purl":"pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1erd-fd8p-hqch"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-2ywm-rb9g-x3fr"},{"vulnerability":"VCID-32jy-dr7t-2uas"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3qwz-gg8s-2ugm"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4276-jfy3-h3ck"},{"vulnerability":"VCID-46n7-vgn3-nffj"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4s1w-v1qs-9uhp"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-56ng-2tm1-5qhk"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-5xgg-2mh6-gfg1"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7w8v-hby8-dya5"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ac7j-emx5-v7cn"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-atzs-876n-byg6"},{"vulnerability":"VCID-b7v6-247j-kfcs"},{"vulnerability":"VCID-bbmg-x8h6-67e5"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-bj4j-2yxz-pyeh"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-c834-hdmj-cfe1"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-chjc-4r36-y3f8"},{"vulnerability":"VCID-cmqc-g49c-wbeq"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-cy79-xgar-eqgr"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-d8cd-qgg7-fyed"},{"vulnerability":"VCID-dgzy-z4ad-ubc4"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-dthd-mp8z-8ucg"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-ecy5-s73b-n3db"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-f4w9-adpm-tuht"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fp83-zgum-ryb8"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gmvy-m5mq-yycx"},{"vulnerability":"VCID-gntc-n53u-n3aj"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-hwt1-11ew-sqhv"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jdmp-aggh-ufhy"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-jnxy-g6wu-8ubu"},{"vulnerability":"VCID-jq6v-ra9m-sqgz"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-km1b-1rvd-q3fa"},{"vulnerability":"VCID-kvww-v5vg-qbdt"},{"vulnerability":"VCID-kwra-y7vr-ykdg"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mgn9-kzp9-wke5"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-mzsa-tcqf-effc"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ncpf-ttuc-fqe7"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p1bu-wmxq-27dm"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-q49g-ggaf-cqbt"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qnpg-992x-5kcn"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-rdgu-3kat-j7c6"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-rkxf-jp2j-mqgf"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rxsw-t1ut-rkau"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tsyt-eq3x-5ucy"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-uj5n-mck2-2uen"},{"vulnerability":"VCID-uryz-5yk9-9fd7"},{"vulnerability":"VCID-v4eq-3kfm-uug9"},{"vulnerability":"VCID-v8fp-rzfq-e3bs"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vefc-bfc3-fyg2"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-vxg6-nx6s-6feu"},{"vulnerability":"VCID-w1je-asqn-fbcr"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-xzmg-gkxx-buau"},{"vulnerability":"VCID-y16a-n7u8-zfen"},{"vulnerability":"VCID-yccx-a98b-nfh4"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-z24v-fz53-zubg"},{"vulnerability":"VCID-z31k-dhbq-k3ed"},{"vulnerability":"VCID-z4jn-dgcg-x7du"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zfwq-v3sh-kkbp"},{"vulnerability":"VCID-zjyq-3nyd-k3g9"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-7039"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-145f-vwpy-ukfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61632?format=json","vulnerability_id":"VCID-14d3-jbv3-xbbe","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10761.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10761","reference_id":"","reference_type":"","scores":[{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74672","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74701","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74708","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74746","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74725","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74716","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74753","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74761","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74751","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74786","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74793","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74796","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10761"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843707","reference_id":"1843707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843707"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-10761"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14d3-jbv3-xbbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40980?format=json","vulnerability_id":"VCID-1g7f-6q39-fyhx","summary":"Multiple vulnerabilities have been found in libslirp, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3593.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3593.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3593","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05868","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05994","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05954","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05988","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05934","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05816","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05841","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0581","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05804","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05768","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05921","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3593"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970487","reference_id":"1970487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970487"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989994","reference_id":"989994","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989994"},{"reference_url":"https://security.archlinux.org/ASA-202106-49","reference_id":"ASA-202106-49","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-49"},{"reference_url":"https://security.archlinux.org/AVG-2073","reference_id":"AVG-2073","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2073"},{"reference_url":"https://security.gentoo.org/glsa/202107-44","reference_id":"GLSA-202107-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"},{"reference_url":"https://usn.ubuntu.com/5009-2/","reference_id":"USN-5009-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-2/"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3593"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g7f-6q39-fyhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81711?format=json","vulnerability_id":"VCID-28wt-9aqz-xqbg","summary":"qemu: OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12829.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12829","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30726","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30774","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30649","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30686","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30641","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30596","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30622","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30604","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3057","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30391","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30197","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808510","reference_id":"1808510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808510"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961451","reference_id":"961451","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961451"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-12829"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28wt-9aqz-xqbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35420?format=json","vulnerability_id":"VCID-29bt-r6ya-jfhu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20263","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32842","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33005","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32828","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32875","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3287","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32844","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32886","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32864","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32564","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32479","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20263"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933668","reference_id":"1933668","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933668"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083","reference_id":"985083","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20263"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29bt-r6ya-jfhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81402?format=json","vulnerability_id":"VCID-29d8-uet3-syfh","summary":"QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11947.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11947","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16404","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16586","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16649","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16449","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16535","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16589","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1657","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16471","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16412","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16433","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1647","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16363","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16362","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16317","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912765","reference_id":"1912765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1912765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0648","reference_id":"RHSA-2021:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-11947"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29d8-uet3-syfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80642?format=json","vulnerability_id":"VCID-3wee-2xay-r7bt","summary":"QEMU: block: fdc: null pointer dereference may lead to guest crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20196.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20196","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11722","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11671","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11756","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11821","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11782","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11621","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1162","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11741","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11705","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11667","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11592","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20196"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919210","reference_id":"1919210","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919210"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984453","reference_id":"984453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0325","reference_id":"RHSA-2022:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0397","reference_id":"RHSA-2022:0397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1759","reference_id":"RHSA-2022:1759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1759"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20196"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wee-2xay-r7bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78124?format=json","vulnerability_id":"VCID-4848-dnv8-bqez","summary":"QEMU: use-after-free in TCG accelerator can lead to local privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24165.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24165.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24165","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62414","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62504","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62471","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62539","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62558","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62546","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62565","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62552","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62562","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62578","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62575","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24165"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235745","reference_id":"2235745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235745"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-24165"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4848-dnv8-bqez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61633?format=json","vulnerability_id":"VCID-4d66-e766-q7ch","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13253.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13253","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30378","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30453","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30261","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30321","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30355","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30358","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30314","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30281","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30263","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30219","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30038","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29964","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13253"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1838546","reference_id":"1838546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1838546"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961297","reference_id":"961297","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961297"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13253"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4d66-e766-q7ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35416?format=json","vulnerability_id":"VCID-4unz-8jyy-qfdc","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4206","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.37027","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36855","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36835","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36758","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.36727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3664","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37071","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3702","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37066","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036998","reference_id":"2036998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036998"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-4206"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4unz-8jyy-qfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81665?format=json","vulnerability_id":"VCID-5t1d-ve8h-9ba1","summary":"QEMU: division by zero in oss_write() in audio/ossaudio.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14415","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15427","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15537","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15337","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15424","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15435","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15396","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15331","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1525","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15254","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15305","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15345","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15342","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15287","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14415"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848117","reference_id":"1848117","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848117"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-14415"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5t1d-ve8h-9ba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40979?format=json","vulnerability_id":"VCID-5ur6-6ec3-p7bt","summary":"Multiple vulnerabilities have been found in libslirp, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3592.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3592.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3592","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07033","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07056","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07047","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06987","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06972","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07106","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0703","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07068","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07174","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07219","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07198","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07054","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3592"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484","reference_id":"1970484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989993","reference_id":"989993","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989993"},{"reference_url":"https://security.archlinux.org/ASA-202106-49","reference_id":"ASA-202106-49","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-49"},{"reference_url":"https://security.archlinux.org/AVG-2073","reference_id":"AVG-2073","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2073"},{"reference_url":"https://security.gentoo.org/glsa/202107-44","reference_id":"GLSA-202107-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"},{"reference_url":"https://usn.ubuntu.com/5009-2/","reference_id":"USN-5009-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-2/"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3592"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ur6-6ec3-p7bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61635?format=json","vulnerability_id":"VCID-6ef4-c38a-j7ca","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13362","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26909","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26916","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26871","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26803","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26667","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1840999","reference_id":"1840999","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1840999"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887","reference_id":"961887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13362"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ef4-c38a-j7ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80756?format=json","vulnerability_id":"VCID-6fs3-3a9w-xycq","summary":"QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29130.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29130","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64386","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6454","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64541","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6444","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6443","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64494","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64509","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64469","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64504","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64516","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64508","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902231","reference_id":"1902231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902231"},{"reference_url":"https://security.archlinux.org/ASA-202012-7","reference_id":"ASA-202012-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-7"},{"reference_url":"https://security.archlinux.org/AVG-1305","reference_id":"AVG-1305","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-29130"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fs3-3a9w-xycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61634?format=json","vulnerability_id":"VCID-6hqu-ecs5-zqeb","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13361","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26909","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26916","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26871","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26803","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26737","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26667","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1840980","reference_id":"1840980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1840980"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888","reference_id":"961888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13361"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hqu-ecs5-zqeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40982?format=json","vulnerability_id":"VCID-6pkj-axqp-duf1","summary":"Multiple vulnerabilities have been found in libslirp, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3595.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3595","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06142","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06264","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06223","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06254","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06179","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0621","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0607","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06099","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06094","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06051","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0606","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06209","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3595"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970489","reference_id":"1970489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970489"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989996","reference_id":"989996","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989996"},{"reference_url":"https://security.archlinux.org/ASA-202106-49","reference_id":"ASA-202106-49","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-49"},{"reference_url":"https://security.archlinux.org/AVG-2073","reference_id":"AVG-2073","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2073"},{"reference_url":"https://security.gentoo.org/glsa/202107-44","reference_id":"GLSA-202107-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"},{"reference_url":"https://usn.ubuntu.com/5009-2/","reference_id":"USN-5009-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-2/"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3595"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pkj-axqp-duf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78336?format=json","vulnerability_id":"VCID-6xcc-y2jp-nufx","summary":"QEMU: net: triggerable assertion due to race condition in hot-unplug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3301.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3301","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0034","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00297","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00322","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0032","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00339","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0033","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00328","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00304","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00303","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00302","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3301"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215784","reference_id":"2215784","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215784"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13","reference_id":"cpe:/a:redhat:openstack:13","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3301","reference_id":"CVE-2023-3301","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-3301"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231020-0008/","reference_id":"ntap-20231020-0008","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231020-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6980","reference_id":"RHSA-2023:6980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6980"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2023-3301"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xcc-y2jp-nufx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78311?format=json","vulnerability_id":"VCID-7mhs-m1r3-n3ag","summary":"QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3354.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3354","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20788","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20751","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20812","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2083","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20736","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20727","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2096","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28867","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28754","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28683","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28986","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216478","reference_id":"2216478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5094","reference_id":"RHSA-2023:5094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5239","reference_id":"RHSA-2023:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5264","reference_id":"RHSA-2023:5264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5587","reference_id":"RHSA-2023:5587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5796","reference_id":"RHSA-2023:5796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6227","reference_id":"RHSA-2023:6227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0404","reference_id":"RHSA-2024:0404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0404"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2023-3354"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7mhs-m1r3-n3ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35391?format=json","vulnerability_id":"VCID-7w6v-ewcn-kkdz","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3416","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00333","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00338","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00336","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00328","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00325","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00326","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00322","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00317","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00342","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00337","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3416"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932827","reference_id":"1932827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448","reference_id":"984448","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3061","reference_id":"RHSA-2021:3061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3703","reference_id":"RHSA-2021:3703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3703"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3416"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7w6v-ewcn-kkdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81243?format=json","vulnerability_id":"VCID-7zkh-xs1s-guh6","summary":"QEMU: slirp: networking out-of-bounds read information disclosure vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10756","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06882","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06768","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06903","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06888","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0684","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06826","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.06998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07052","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07032","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.06894","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835986","reference_id":"1835986","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835986"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3586","reference_id":"RHSA-2020:3586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4059","reference_id":"RHSA-2020:4059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4694","reference_id":"RHSA-2020:4694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4694"},{"reference_url":"https://usn.ubuntu.com/4437-1/","reference_id":"USN-4437-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4437-1/"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-10756"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zkh-xs1s-guh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81447?format=json","vulnerability_id":"VCID-8cnu-b5en-7ye3","summary":"qemu: integer overflow in ati_2d_blt() in hw/display/ati-2d.c could lead to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11869.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11869.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11869","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26016","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.261","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25974","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26036","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25937","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25918","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25823","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25817","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25771","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11869"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809955","reference_id":"1809955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809955"},{"reference_url":"https://usn.ubuntu.com/4372-1/","reference_id":"USN-4372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4372-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-11869"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cnu-b5en-7ye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82268?format=json","vulnerability_id":"VCID-8jjd-u5mc-zbde","summary":"qemu: scsi: lsi: potential infinite loop when executing script in lsi_execute_script","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12068.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12068","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24813","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24604","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24719","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24659","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24648","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24706","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24773","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.2482","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24833","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24794","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24737","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24742","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08","reference_id":"","reference_type":"","scores":[],"url":"https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2019-12068"},{"reference_url":"https://www.debian.org/security/2020/dsa-4665","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4665"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773749","reference_id":"1773749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773749"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12068","reference_id":"CVE-2019-12068","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12068"},{"reference_url":"https://usn.ubuntu.com/4191-1/","reference_id":"USN-4191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-1/"},{"reference_url":"https://usn.ubuntu.com/4191-2/","reference_id":"USN-4191-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-12068"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jjd-u5mc-zbde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82101?format=json","vulnerability_id":"VCID-8kzh-2gr5-e7gu","summary":"QEMU: out-of-bounds read in ati_cursor_define() function in hw/display/ati.c leads to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20808.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20808","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31143","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3127","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31131","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31215","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31177","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31133","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31165","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31146","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31115","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30955","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30749","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20808"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1841136","reference_id":"1841136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1841136"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-20808"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kzh-2gr5-e7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81125?format=json","vulnerability_id":"VCID-93gr-c812-uud8","summary":"QEMU: sdhci: out-of-bounds access issue while doing multi block SDMA","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25085","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.3636","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36534","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36567","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36477","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36484","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36449","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36468","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36451","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36395","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36169","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36139","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36052","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879671","reference_id":"1879671","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879671"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540","reference_id":"970540","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-25085"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93gr-c812-uud8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80846?format=json","vulnerability_id":"VCID-955d-q41q-4uau","summary":"QEMU: net: an assert failure via eth_get_gso_type","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27617","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45735","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45684","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45758","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45728","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45736","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45786","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.4578","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45727","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45658","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45667","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45607","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891668","reference_id":"1891668","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891668"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324","reference_id":"973324","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3061","reference_id":"RHSA-2021:3061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3061"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-27617"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-955d-q41q-4uau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82949?format=json","vulnerability_id":"VCID-9rpr-g2sm-yqb6","summary":"QEMU: pvrdma: null dereference or excessive memory allocation when creating QP/CQ","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20125.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20125.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20125","reference_id":"","reference_type":"","scores":[{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65869","published_at":"2026-04-01T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66001","published_at":"2026-04-24T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66013","published_at":"2026-04-26T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.6591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.6594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65958","published_at":"2026-04-08T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.6597","published_at":"2026-04-09T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65974","published_at":"2026-04-12T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.6598","published_at":"2026-04-16T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65993","published_at":"2026-04-18T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65981","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20125"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/12/19/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2018/12/19/3"},{"reference_url":"http://www.securityfocus.com/bid/106298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660747","reference_id":"1660747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660747"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20125","reference_id":"CVE-2018-20125","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20125"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20125"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rpr-g2sm-yqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35394?format=json","vulnerability_id":"VCID-ap2r-g7ew-kqed","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3544","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.093","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09263","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09339","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09388","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09399","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09355","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09248","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09247","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0945","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09368","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958935","reference_id":"1958935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3544"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ap2r-g7ew-kqed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35392?format=json","vulnerability_id":"VCID-bcps-uatt-wkd7","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3527","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0797","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07976","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08054","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08019","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08002","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07915","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07897","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08058","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08013","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07979","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07954","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955695","reference_id":"1955695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955695"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157","reference_id":"988157","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3527"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcps-uatt-wkd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82947?format=json","vulnerability_id":"VCID-be1r-pq33-abg5","summary":"QEMU: pvrdma: uar_read leads to NULL dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20191.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20191","reference_id":"","reference_type":"","scores":[{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.7251","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72649","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72643","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72652","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72516","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72548","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72561","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72585","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72567","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72557","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.726","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.7261","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72601","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20191"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/12/18/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2018/12/18/1"},{"reference_url":"http://www.securityfocus.com/bid/106276","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106276"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660314","reference_id":"1660314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660314"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20191","reference_id":"CVE-2018-20191","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20191"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20191"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-be1r-pq33-abg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35405?format=json","vulnerability_id":"VCID-br4x-bpvj-puhr","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3608","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11095","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11263","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11174","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11015","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1105","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10986","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973383","reference_id":"1973383","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973383"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563","reference_id":"990563","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3608"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br4x-bpvj-puhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82097?format=json","vulnerability_id":"VCID-burb-pa38-fqhw","summary":"QEMU: vnc: memory leakage upon disconnect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20382.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20382","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13515","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13615","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13676","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13474","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1354","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13492","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13404","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13473","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13478","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13343","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1810390","reference_id":"1810390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1810390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2774","reference_id":"RHSA-2020:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3267","reference_id":"RHSA-2020:3267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3906","reference_id":"RHSA-2020:3906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3907","reference_id":"RHSA-2020:3907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4167","reference_id":"RHSA-2020:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4167"},{"reference_url":"https://usn.ubuntu.com/4372-1/","reference_id":"USN-4372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4372-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-20382"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-burb-pa38-fqhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80862?format=json","vulnerability_id":"VCID-c4ky-b4y8-kqd5","summary":"QEMU: divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27661","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32437","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32582","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32618","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32441","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32489","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3252","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32482","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32491","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32469","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3227","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32154","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.3207","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890653","reference_id":"1890653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890653"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864","reference_id":"972864","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-27661"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ky-b4y8-kqd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78760?format=json","vulnerability_id":"VCID-cgq2-b6my-eucg","summary":"QEMU: lsi53c895a: DMA reentrancy issue leads to stack overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0330.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0330","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08236","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08291","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08305","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08323","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08981","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0896","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09113","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09155","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09099","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09069","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029155","reference_id":"1029155","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029155"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160151","reference_id":"2160151","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160151"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-0330","reference_id":"CVE-2023-0330","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-0330"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html","reference_id":"msg03411.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html"},{"reference_url":"https://usn.ubuntu.com/6167-1/","reference_id":"USN-6167-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6167-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2023-0330"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgq2-b6my-eucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79249?format=json","vulnerability_id":"VCID-d6gd-j7ks-xkgk","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15890","reference_id":"","reference_type":"","scores":[{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.6869","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68787","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68842","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68727","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68705","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68757","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68776","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68799","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68756","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68808","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"},{"reference_url":"https://seclists.org/bugtraq/2020/Feb/0","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2020/Feb/0"},{"reference_url":"https://www.debian.org/security/2020/dsa-4616","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4616"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749716","reference_id":"1749716","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749716"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868","reference_id":"939868","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869","reference_id":"939869","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15890","reference_id":"CVE-2019-15890","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0348","reference_id":"RHSA-2020:0348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0775","reference_id":"RHSA-2020:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0889","reference_id":"RHSA-2020:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4676","reference_id":"RHSA-2020:4676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4676"},{"reference_url":"https://usn.ubuntu.com/4191-1/","reference_id":"USN-4191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-1/"},{"reference_url":"https://usn.ubuntu.com/4191-2/","reference_id":"USN-4191-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036934?format=json","purl":"pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1erd-fd8p-hqch"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-2ywm-rb9g-x3fr"},{"vulnerability":"VCID-32jy-dr7t-2uas"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3qwz-gg8s-2ugm"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4276-jfy3-h3ck"},{"vulnerability":"VCID-46n7-vgn3-nffj"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4s1w-v1qs-9uhp"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-56ng-2tm1-5qhk"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-5xgg-2mh6-gfg1"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7w8v-hby8-dya5"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ac7j-emx5-v7cn"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-atzs-876n-byg6"},{"vulnerability":"VCID-b7v6-247j-kfcs"},{"vulnerability":"VCID-bbmg-x8h6-67e5"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-bj4j-2yxz-pyeh"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-c834-hdmj-cfe1"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-chjc-4r36-y3f8"},{"vulnerability":"VCID-cmqc-g49c-wbeq"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-cy79-xgar-eqgr"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-d8cd-qgg7-fyed"},{"vulnerability":"VCID-dgzy-z4ad-ubc4"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-dthd-mp8z-8ucg"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-ecy5-s73b-n3db"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-f4w9-adpm-tuht"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fp83-zgum-ryb8"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gmvy-m5mq-yycx"},{"vulnerability":"VCID-gntc-n53u-n3aj"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-hwt1-11ew-sqhv"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jdmp-aggh-ufhy"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-jnxy-g6wu-8ubu"},{"vulnerability":"VCID-jq6v-ra9m-sqgz"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-km1b-1rvd-q3fa"},{"vulnerability":"VCID-kvww-v5vg-qbdt"},{"vulnerability":"VCID-kwra-y7vr-ykdg"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mgn9-kzp9-wke5"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-mzsa-tcqf-effc"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ncpf-ttuc-fqe7"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p1bu-wmxq-27dm"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-q49g-ggaf-cqbt"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qnpg-992x-5kcn"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-rdgu-3kat-j7c6"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-rkxf-jp2j-mqgf"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rxsw-t1ut-rkau"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tsyt-eq3x-5ucy"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-uj5n-mck2-2uen"},{"vulnerability":"VCID-uryz-5yk9-9fd7"},{"vulnerability":"VCID-v4eq-3kfm-uug9"},{"vulnerability":"VCID-v8fp-rzfq-e3bs"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vefc-bfc3-fyg2"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-vxg6-nx6s-6feu"},{"vulnerability":"VCID-w1je-asqn-fbcr"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-xzmg-gkxx-buau"},{"vulnerability":"VCID-y16a-n7u8-zfen"},{"vulnerability":"VCID-yccx-a98b-nfh4"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-z24v-fz53-zubg"},{"vulnerability":"VCID-z31k-dhbq-k3ed"},{"vulnerability":"VCID-z4jn-dgcg-x7du"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zfwq-v3sh-kkbp"},{"vulnerability":"VCID-zjyq-3nyd-k3g9"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-15890"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gd-j7ks-xkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61637?format=json","vulnerability_id":"VCID-dqbd-gqg9-2kgs","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13754","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08657","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08656","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08757","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08735","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0872","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0861","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08597","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08751","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08762","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08716","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08721","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842363","reference_id":"1842363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842363"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2521","reference_id":"RHSA-2021:2521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3061","reference_id":"RHSA-2021:3061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3061"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13754"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqbd-gqg9-2kgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80609?format=json","vulnerability_id":"VCID-drqf-646q-xqf3","summary":"qemu: out-of-bound heap buffer access via an interrupt ID field","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20221","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0619","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06251","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06275","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06317","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06309","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06305","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06294","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06264","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06408","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06423","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06458","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924601","reference_id":"1924601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1125","reference_id":"RHSA-2021:1125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2521","reference_id":"RHSA-2021:2521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3061","reference_id":"RHSA-2021:3061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3061"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20221"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drqf-646q-xqf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31746?format=json","vulnerability_id":"VCID-e99n-gc79-cqcy","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11102.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11102.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11102","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60624","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60774","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60781","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60769","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60783","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60728","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60694","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60742","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60782","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60768","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60749","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60791","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60797","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11102"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg08322.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg08322.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/06/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/06/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821180","reference_id":"1821180","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821180"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956145","reference_id":"956145","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956145"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11102","reference_id":"CVE-2020-11102","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11102"},{"reference_url":"https://security.gentoo.org/glsa/202005-02","reference_id":"GLSA-202005-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-11102"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e99n-gc79-cqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35407?format=json","vulnerability_id":"VCID-eb18-wa2w-q7bn","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3682","reference_id":"","reference_type":"","scores":[{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61708","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61813","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61831","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61837","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.6188","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61885","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61869","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.61875","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1989651","reference_id":"1989651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1989651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911","reference_id":"991911","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3703","reference_id":"RHSA-2021:3703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3704","reference_id":"RHSA-2021:3704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3704"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3682"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb18-wa2w-q7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35402?format=json","vulnerability_id":"VCID-een8-8kc5-qfcx","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3546","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13431","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13496","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1329","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13373","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13423","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13395","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1336","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13218","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13217","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13297","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13304","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13173","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958978","reference_id":"1958978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958978"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3546"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-een8-8kc5-qfcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81469?format=json","vulnerability_id":"VCID-egyg-bbm9-8qea","summary":"QEMU: slirp: use-after-free in ip_reass() function in ip_input.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1983","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34973","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35317","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35083","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35062","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42299","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42307","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42315","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42338","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42301","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42273","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42323","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43138","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43052","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43077","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43111","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1829825","reference_id":"1829825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1829825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3053","reference_id":"RHSA-2020:3053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4079","reference_id":"RHSA-2020:4079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4290","reference_id":"RHSA-2020:4290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4676","reference_id":"RHSA-2020:4676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0346","reference_id":"RHSA-2021:0346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0459","reference_id":"RHSA-2021:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0934","reference_id":"RHSA-2021:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0934"},{"reference_url":"https://usn.ubuntu.com/4372-1/","reference_id":"USN-4372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4372-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-1983"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egyg-bbm9-8qea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80657?format=json","vulnerability_id":"VCID-eqp6-raqc-dkch","summary":"qemu: 9pfs: TOCTOU privilege escalation vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20181.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20181","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.1716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17325","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17373","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17152","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17266","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17207","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17146","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17151","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17187","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17091","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17074","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17018","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20181"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927007","reference_id":"1927007","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927007"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20181"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eqp6-raqc-dkch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34657?format=json","vulnerability_id":"VCID-ewsp-7ydm-5ub3","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13164.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13164.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13164","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0563","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05575","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05571","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05552","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05503","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1722559","reference_id":"1722559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1722559"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931351","reference_id":"931351","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931351"},{"reference_url":"https://security.gentoo.org/glsa/202003-66","reference_id":"GLSA-202003-66","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-66"},{"reference_url":"https://usn.ubuntu.com/4191-1/","reference_id":"USN-4191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-1/"},{"reference_url":"https://usn.ubuntu.com/4191-2/","reference_id":"USN-4191-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036934?format=json","purl":"pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1erd-fd8p-hqch"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-2ywm-rb9g-x3fr"},{"vulnerability":"VCID-32jy-dr7t-2uas"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3qwz-gg8s-2ugm"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4276-jfy3-h3ck"},{"vulnerability":"VCID-46n7-vgn3-nffj"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4s1w-v1qs-9uhp"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-56ng-2tm1-5qhk"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-5xgg-2mh6-gfg1"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7w8v-hby8-dya5"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ac7j-emx5-v7cn"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-atzs-876n-byg6"},{"vulnerability":"VCID-b7v6-247j-kfcs"},{"vulnerability":"VCID-bbmg-x8h6-67e5"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-bj4j-2yxz-pyeh"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-c834-hdmj-cfe1"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-chjc-4r36-y3f8"},{"vulnerability":"VCID-cmqc-g49c-wbeq"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-cy79-xgar-eqgr"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-d8cd-qgg7-fyed"},{"vulnerability":"VCID-dgzy-z4ad-ubc4"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-dthd-mp8z-8ucg"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-ecy5-s73b-n3db"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-f4w9-adpm-tuht"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fp83-zgum-ryb8"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gmvy-m5mq-yycx"},{"vulnerability":"VCID-gntc-n53u-n3aj"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-hwt1-11ew-sqhv"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jdmp-aggh-ufhy"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-jnxy-g6wu-8ubu"},{"vulnerability":"VCID-jq6v-ra9m-sqgz"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-km1b-1rvd-q3fa"},{"vulnerability":"VCID-kvww-v5vg-qbdt"},{"vulnerability":"VCID-kwra-y7vr-ykdg"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mgn9-kzp9-wke5"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-mzsa-tcqf-effc"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ncpf-ttuc-fqe7"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p1bu-wmxq-27dm"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-q49g-ggaf-cqbt"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qnpg-992x-5kcn"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-rdgu-3kat-j7c6"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-rkxf-jp2j-mqgf"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rxsw-t1ut-rkau"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tsyt-eq3x-5ucy"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-uj5n-mck2-2uen"},{"vulnerability":"VCID-uryz-5yk9-9fd7"},{"vulnerability":"VCID-v4eq-3kfm-uug9"},{"vulnerability":"VCID-v8fp-rzfq-e3bs"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vefc-bfc3-fyg2"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-vxg6-nx6s-6feu"},{"vulnerability":"VCID-w1je-asqn-fbcr"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-xzmg-gkxx-buau"},{"vulnerability":"VCID-y16a-n7u8-zfen"},{"vulnerability":"VCID-yccx-a98b-nfh4"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-z24v-fz53-zubg"},{"vulnerability":"VCID-z31k-dhbq-k3ed"},{"vulnerability":"VCID-z4jn-dgcg-x7du"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zfwq-v3sh-kkbp"},{"vulnerability":"VCID-zjyq-3nyd-k3g9"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-13164"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewsp-7ydm-5ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61639?format=json","vulnerability_id":"VCID-ezm8-pq4d-mkhg","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13800","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28466","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28604","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28407","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28474","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28515","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28517","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28442","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28419","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28368","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28131","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28051","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843771","reference_id":"1843771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843771"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13800"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezm8-pq4d-mkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62353?format=json","vulnerability_id":"VCID-f2fx-sqtp-8yhe","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0216","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06028","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06061","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0609","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06114","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06152","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06144","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0614","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06093","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06104","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06254","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06273","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.063","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06311","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590","reference_id":"1014590","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036953","reference_id":"2036953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036953"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2022-0216"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f2fx-sqtp-8yhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40981?format=json","vulnerability_id":"VCID-ffd9-9wm1-rffs","summary":"Multiple vulnerabilities have been found in libslirp, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3594.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3594","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07906","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07864","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0785","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0801","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07972","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07937","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07969","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07991","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07978","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0796","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07945","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08215","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08071","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3594"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970491","reference_id":"1970491","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970491"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989995","reference_id":"989995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989995"},{"reference_url":"https://security.archlinux.org/ASA-202106-49","reference_id":"ASA-202106-49","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-49"},{"reference_url":"https://security.archlinux.org/AVG-2073","reference_id":"AVG-2073","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2073"},{"reference_url":"https://security.gentoo.org/glsa/202107-44","reference_id":"GLSA-202107-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"},{"reference_url":"https://usn.ubuntu.com/5009-2/","reference_id":"USN-5009-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-2/"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3594"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffd9-9wm1-rffs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82951?format=json","vulnerability_id":"VCID-fucx-q3j9-qkat","summary":"QEMU: pvrdma: infinite loop in pvrdma_qp_send/recv","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20216.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20216","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65794","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65936","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65927","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65938","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65874","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65839","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65903","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65908","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65878","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65913","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65928","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.65917","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20216"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03052.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03052.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/12/19/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2018/12/19/2"},{"reference_url":"http://www.securityfocus.com/bid/106291","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106291"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660753","reference_id":"1660753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660753"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20216","reference_id":"CVE-2018-20216","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20216"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20216"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fucx-q3j9-qkat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34658?format=json","vulnerability_id":"VCID-gqtx-g1cs-6ybn","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8608","reference_id":"","reference_type":"","scores":[{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81079","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.8114","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81165","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81144","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81181","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01501","scoring_system":"epss","scoring_elements":"0.81216","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798453","reference_id":"1798453","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798453"},{"reference_url":"https://security.gentoo.org/glsa/202003-66","reference_id":"GLSA-202003-66","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-66"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0889","reference_id":"RHSA-2020:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1208","reference_id":"RHSA-2020:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1209","reference_id":"RHSA-2020:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1261","reference_id":"RHSA-2020:1261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1292","reference_id":"RHSA-2020:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1300","reference_id":"RHSA-2020:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1351","reference_id":"RHSA-2020:1351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1352","reference_id":"RHSA-2020:1352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1379","reference_id":"RHSA-2020:1379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1403","reference_id":"RHSA-2020:1403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2342","reference_id":"RHSA-2020:2342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2730","reference_id":"RHSA-2020:2730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2773","reference_id":"RHSA-2020:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2774","reference_id":"RHSA-2020:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2844","reference_id":"RHSA-2020:2844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3040","reference_id":"RHSA-2020:3040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3040"},{"reference_url":"https://usn.ubuntu.com/4283-1/","reference_id":"USN-4283-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4283-1/"},{"reference_url":"https://usn.ubuntu.com/4632-1/","reference_id":"USN-4632-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4632-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-8608"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqtx-g1cs-6ybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94148?format=json","vulnerability_id":"VCID-h22r-c3az-3fa3","summary":"An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a \"privileged guest user has many ways to cause similar DoS effect, without triggering this assert.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20175","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67585","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67576","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67555","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67574","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67584","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67452","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67509","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67487","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67538","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67553","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67564","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20175"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg00597.html","reference_id":"msg00597.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg00597.html"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html","reference_id":"msg01651.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg02165.html","reference_id":"msg02165.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg02165.html"},{"reference_url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg03869.html","reference_id":"msg03869.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/"}],"url":"https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg03869.html"},{"reference_url":"https://www.mail-archive.com/qemu-devel%40nongnu.org/msg667396.html","reference_id":"msg667396.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/"}],"url":"https://www.mail-archive.com/qemu-devel%40nongnu.org/msg667396.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-20175"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h22r-c3az-3fa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81332?format=json","vulnerability_id":"VCID-h5sc-3zrc-23dn","summary":"QEMU: loader: OOB access while loading registered ROM may lead to code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13765.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13765","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58879","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58901","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58868","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.5892","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58926","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58943","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58907","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58941","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58945","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58923","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58906","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58922","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58908","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842912","reference_id":"1842912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0347","reference_id":"RHSA-2021:0347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0347"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/7094-1/","reference_id":"USN-7094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7094-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13765"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5sc-3zrc-23dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80849?format=json","vulnerability_id":"VCID-hq1b-c1ew-kkga","summary":"QEMU: ati-vga: potential crash via invalid x y parameter values","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27616","reference_id":"","reference_type":"","scores":[{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63006","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63094","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63128","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63145","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6313","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63108","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63143","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63151","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63131","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63153","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63167","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63165","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1894036","reference_id":"1894036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1894036"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265","reference_id":"975265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-27616"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq1b-c1ew-kkga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35404?format=json","vulnerability_id":"VCID-hrhp-htnd-7bbx","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38532","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38667","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38691","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38654","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38628","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38675","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38653","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38575","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38391","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38299","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973349","reference_id":"1973349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1973349"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564","reference_id":"990564","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3607"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrhp-htnd-7bbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82802?format=json","vulnerability_id":"VCID-j11x-bba3-zkdj","summary":"QEMU: ppc64: sPAPR emulator leaks the host hardware identity","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8934.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8934","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28149","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27749","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27938","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27826","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2822","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28264","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28055","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28121","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28129","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28072","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28082","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28065","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190411-0006/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190411-0006/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/02/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/02/21/1"},{"reference_url":"http://www.securityfocus.com/bid/107115","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107115"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668022","reference_id":"1668022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668022"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922923","reference_id":"922923","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922923"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8934","reference_id":"CVE-2019-8934","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8934"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-8934"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j11x-bba3-zkdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35423?format=json","vulnerability_id":"VCID-j1gy-ttz5-1yct","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26353","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47052","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47071","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47019","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47095","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47076","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47072","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47021","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063197","reference_id":"2063197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063197"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5263","reference_id":"RHSA-2022:5263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2022-26353"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1gy-ttz5-1yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35419?format=json","vulnerability_id":"VCID-j6hs-wm45-s3ej","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20257","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22726","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.229","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22737","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22806","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.228","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22598","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2259","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22585","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930087","reference_id":"1930087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930087"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450","reference_id":"984450","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5238","reference_id":"RHSA-2021:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0081","reference_id":"RHSA-2022:0081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0081"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20257"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6hs-wm45-s3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80185?format=json","vulnerability_id":"VCID-jmca-kswb-1beq","summary":"QEMU: ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3638.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3638.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3638","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05164","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05208","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05237","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05261","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05317","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05282","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05268","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05199","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05201","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05334","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05369","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05411","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05409","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1979858","reference_id":"1979858","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1979858"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992726","reference_id":"992726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992726"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3638"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmca-kswb-1beq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80797?format=json","vulnerability_id":"VCID-juek-f6et-x7eb","summary":"QEMU: e1000e: infinite loop scenario in case of null packet descriptor","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28916","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14431","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14494","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14372","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14511","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1446","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14366","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14257","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14258","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14334","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14275","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903064","reference_id":"1903064","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903064"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974687","reference_id":"974687","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974687"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388","reference_id":"976388","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-28916"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juek-f6et-x7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82280?format=json","vulnerability_id":"VCID-ke54-4uc4-rkbs","summary":"qemu: hw/display/bochs-display.c does not ensure a sufficient PCI config space allocation leading to a buffer overflow involving the PCIe extended config space","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15034.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15034","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40764","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40956","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40861","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40848","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41036","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40994","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4105","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41069","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41033","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41017","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4106","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41031","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html"},{"reference_url":"https://www.debian.org/security/2020/dsa-4665","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4665"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1812659","reference_id":"1812659","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1812659"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15034","reference_id":"CVE-2019-15034","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"},{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15034"},{"reference_url":"https://usn.ubuntu.com/4372-1/","reference_id":"USN-4372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4372-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-15034"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ke54-4uc4-rkbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80745?format=json","vulnerability_id":"VCID-mn7m-an9j-yucj","summary":"QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27821","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10652","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10855","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10682","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10827","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10772","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10634","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10649","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10774","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10707","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902651","reference_id":"1902651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616","reference_id":"977616","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-27821"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mn7m-an9j-yucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35403?format=json","vulnerability_id":"VCID-nb4k-f7rm-kuhg","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3582","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37003","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37176","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37204","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37077","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3702","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36789","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36757","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3667","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966266","reference_id":"1966266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966266"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565","reference_id":"990565","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3582"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nb4k-f7rm-kuhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80430?format=json","vulnerability_id":"VCID-ne4d-zj65-qkgx","summary":"QEMU: fdc: heap buffer overflow in DMA read data transfers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3507","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08296","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08349","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08356","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08373","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08225","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08212","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08343","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08306","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08272","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951118","reference_id":"1951118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951118"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410","reference_id":"987410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7472","reference_id":"RHSA-2022:7472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7967","reference_id":"RHSA-2022:7967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7967"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3507"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ne4d-zj65-qkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80905?format=json","vulnerability_id":"VCID-nuwe-tupt-wfhg","summary":"QEMU: usb: hcd-ohci: infinite loop issue while processing transfer descriptors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25625","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08833","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08699","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0885","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08821","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35125","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3513","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35095","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34948","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35098","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35147","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35054","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879808","reference_id":"1879808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879808"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542","reference_id":"970542","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-25625"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuwe-tupt-wfhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81124?format=json","vulnerability_id":"VCID-p2we-9qfu-17eb","summary":"QEMU: usb: use-after-free issue while setting up packet","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25084","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10292","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10273","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10244","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10378","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11097","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.111","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11045","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10944","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11082","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11145","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10966","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25084"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879652","reference_id":"1879652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879652"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539","reference_id":"970539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-25084"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p2we-9qfu-17eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31747?format=json","vulnerability_id":"VCID-phfy-zv23-sqcr","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1711.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1711","reference_id":"","reference_type":"","scores":[{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68175","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68197","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68215","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68243","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68258","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.6827","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68276","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68287","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68311","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68319","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68322","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1711"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1794290","reference_id":"1794290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1794290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949731","reference_id":"949731","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949731"},{"reference_url":"https://security.gentoo.org/glsa/202005-02","reference_id":"GLSA-202005-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0669","reference_id":"RHSA-2020:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0730","reference_id":"RHSA-2020:0730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0731","reference_id":"RHSA-2020:0731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0773","reference_id":"RHSA-2020:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1150","reference_id":"RHSA-2020:1150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1216","reference_id":"RHSA-2020:1216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1296","reference_id":"RHSA-2020:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1300","reference_id":"RHSA-2020:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1352","reference_id":"RHSA-2020:1352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1358","reference_id":"RHSA-2020:1358","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1505","reference_id":"RHSA-2020:1505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2472","reference_id":"RHSA-2020:2472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2472"},{"reference_url":"https://usn.ubuntu.com/4283-1/","reference_id":"USN-4283-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4283-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-1711"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phfy-zv23-sqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35397?format=json","vulnerability_id":"VCID-q38v-9gvs-sydf","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3545","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30418","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30464","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30272","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30331","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30366","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30368","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30324","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30273","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30229","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30164","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30049","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29974","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958955","reference_id":"1958955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1958955"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042","reference_id":"989042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3545"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q38v-9gvs-sydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82943?format=json","vulnerability_id":"VCID-qejd-5dkk-muhc","summary":"QEMU: pvrdma: memory leakage in device hotplug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20123.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20123","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36064","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36293","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36128","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36177","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36195","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36201","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36164","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36138","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3618","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36165","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36114","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35884","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35852","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35765","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20123"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1658963","reference_id":"1658963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1658963"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916442","reference_id":"916442","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916442"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20123"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qejd-5dkk-muhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35412?format=json","vulnerability_id":"VCID-qn73-3gkb-rkbm","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3930","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17001","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17224","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16955","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17032","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16971","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16908","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1691","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16947","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16851","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16789","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020588","reference_id":"2020588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2020588"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5065","reference_id":"RHSA-2021:5065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5238","reference_id":"RHSA-2021:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0081","reference_id":"RHSA-2022:0081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0081"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5772-1/","reference_id":"USN-5772-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5772-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3930"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn73-3gkb-rkbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35409?format=json","vulnerability_id":"VCID-r47h-wdgy-7bga","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3748","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10319","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10505","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10365","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10533","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10345","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10432","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10421","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1998514","reference_id":"1998514","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1998514"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401","reference_id":"993401","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4112","reference_id":"RHSA-2021:4112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5036","reference_id":"RHSA-2021:5036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1759","reference_id":"RHSA-2022:1759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1759"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3748"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r47h-wdgy-7bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80608?format=json","vulnerability_id":"VCID-r51r-u7mq-93cy","summary":"QEMU: scsi: mptsas: use-after-free while processing io requests","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3392.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3392","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07325","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07479","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07461","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07519","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07543","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07529","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07516","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07438","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07428","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07557","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07517","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07507","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07476","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924042","reference_id":"1924042","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924042"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984449","reference_id":"984449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984449"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3392"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r51r-u7mq-93cy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80970?format=json","vulnerability_id":"VCID-re83-uvh8-5bgq","summary":"QEMU: out-of-bounds read/write in ati-vga device emulation in ati_2d_blt()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24352","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33459","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33616","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33649","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33488","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33533","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33566","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33518","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35132","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35195","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35181","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3479","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34898","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34879","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847584","reference_id":"1847584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847584"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820","reference_id":"968820","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-24352"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-re83-uvh8-5bgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76578?format=json","vulnerability_id":"VCID-ruzy-eqc8-5ubs","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14378","reference_id":"","reference_type":"","scores":[{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.9111","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91116","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91124","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91131","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91144","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.9115","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91158","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91159","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91183","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91184","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91187","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91199","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91198","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06584","scoring_system":"epss","scoring_elements":"0.91195","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1734745","reference_id":"1734745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1734745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741","reference_id":"933741","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742","reference_id":"933742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742"},{"reference_url":"https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c","reference_id":"CVE-2019-14378","reference_type":"exploit","scores":[],"url":"https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c","reference_id":"CVE-2019-14378","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3179","reference_id":"RHSA-2019:3179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3403","reference_id":"RHSA-2019:3403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3494","reference_id":"RHSA-2019:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3742","reference_id":"RHSA-2019:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3787","reference_id":"RHSA-2019:3787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3968","reference_id":"RHSA-2019:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4344","reference_id":"RHSA-2019:4344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0366","reference_id":"RHSA-2020:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0775","reference_id":"RHSA-2020:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0889","reference_id":"RHSA-2020:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1216","reference_id":"RHSA-2020:1216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2065","reference_id":"RHSA-2020:2065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2126","reference_id":"RHSA-2020:2126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2342","reference_id":"RHSA-2020:2342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2342"},{"reference_url":"https://usn.ubuntu.com/4191-1/","reference_id":"USN-4191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-1/"},{"reference_url":"https://usn.ubuntu.com/4191-2/","reference_id":"USN-4191-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4191-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036934?format=json","purl":"pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1erd-fd8p-hqch"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-2ywm-rb9g-x3fr"},{"vulnerability":"VCID-32jy-dr7t-2uas"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3qwz-gg8s-2ugm"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4276-jfy3-h3ck"},{"vulnerability":"VCID-46n7-vgn3-nffj"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4s1w-v1qs-9uhp"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-56ng-2tm1-5qhk"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-5xgg-2mh6-gfg1"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7w8v-hby8-dya5"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ac7j-emx5-v7cn"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-atzs-876n-byg6"},{"vulnerability":"VCID-b7v6-247j-kfcs"},{"vulnerability":"VCID-bbmg-x8h6-67e5"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-bj4j-2yxz-pyeh"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-c834-hdmj-cfe1"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-chjc-4r36-y3f8"},{"vulnerability":"VCID-cmqc-g49c-wbeq"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-cy79-xgar-eqgr"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-d8cd-qgg7-fyed"},{"vulnerability":"VCID-dgzy-z4ad-ubc4"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-dthd-mp8z-8ucg"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-ecy5-s73b-n3db"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-f4w9-adpm-tuht"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fp83-zgum-ryb8"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gmvy-m5mq-yycx"},{"vulnerability":"VCID-gntc-n53u-n3aj"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-hwt1-11ew-sqhv"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jdmp-aggh-ufhy"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-jnxy-g6wu-8ubu"},{"vulnerability":"VCID-jq6v-ra9m-sqgz"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-km1b-1rvd-q3fa"},{"vulnerability":"VCID-kvww-v5vg-qbdt"},{"vulnerability":"VCID-kwra-y7vr-ykdg"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mgn9-kzp9-wke5"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-mzsa-tcqf-effc"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ncpf-ttuc-fqe7"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p1bu-wmxq-27dm"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-q49g-ggaf-cqbt"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qnpg-992x-5kcn"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-rdgu-3kat-j7c6"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-rkxf-jp2j-mqgf"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rxsw-t1ut-rkau"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tsyt-eq3x-5ucy"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-uj5n-mck2-2uen"},{"vulnerability":"VCID-uryz-5yk9-9fd7"},{"vulnerability":"VCID-v4eq-3kfm-uug9"},{"vulnerability":"VCID-v8fp-rzfq-e3bs"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vefc-bfc3-fyg2"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-vxg6-nx6s-6feu"},{"vulnerability":"VCID-w1je-asqn-fbcr"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-xzmg-gkxx-buau"},{"vulnerability":"VCID-y16a-n7u8-zfen"},{"vulnerability":"VCID-yccx-a98b-nfh4"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-z24v-fz53-zubg"},{"vulnerability":"VCID-z31k-dhbq-k3ed"},{"vulnerability":"VCID-z4jn-dgcg-x7du"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zfwq-v3sh-kkbp"},{"vulnerability":"VCID-zjyq-3nyd-k3g9"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2019-14378"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ruzy-eqc8-5ubs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81468?format=json","vulnerability_id":"VCID-rvs5-s55e-9ueb","summary":"qemu: weak signature generation in Pointer Authentication support for ARM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10702.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10702.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10702","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10467","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10609","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10536","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10608","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10667","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10681","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10489","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10508","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10633","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10582","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1058","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10528","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10702"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10702"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809948","reference_id":"1809948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809948"},{"reference_url":"https://usn.ubuntu.com/4372-1/","reference_id":"USN-4372-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4372-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-10702"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rvs5-s55e-9ueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62352?format=json","vulnerability_id":"VCID-rz5x-q1ne-53he","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14394","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06818","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06901","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06951","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06935","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0702","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07025","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07007","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06946","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0693","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07048","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07052","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07013","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1908004","reference_id":"1908004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1908004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677","reference_id":"979677","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-14394"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5x-q1ne-53he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61638?format=json","vulnerability_id":"VCID-sy57-hngf-d3gn","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13791","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3855","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3868","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38683","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38664","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38638","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38686","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38586","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38316","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843764","reference_id":"1843764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843764"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13791"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sy57-hngf-d3gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80755?format=json","vulnerability_id":"VCID-t2y3-nbz8-jqa7","summary":"QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29129.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29129","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.50965","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.50997","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.5103","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51037","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51043","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51057","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51054","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51058","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51081","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29129"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902231","reference_id":"1902231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1902231"},{"reference_url":"https://security.archlinux.org/ASA-202012-7","reference_id":"ASA-202012-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-7"},{"reference_url":"https://security.archlinux.org/AVG-1305","reference_id":"AVG-1305","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/5009-1/","reference_id":"USN-5009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5009-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-29129"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2y3-nbz8-jqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35375?format=json","vulnerability_id":"VCID-t44w-g1ys-47e6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15859","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09552","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09537","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30453","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30654","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30538","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32465","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.324","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32436","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32414","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32461","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32562","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32385","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859168","reference_id":"1859168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859168"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978","reference_id":"965978","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4191","reference_id":"RHSA-2021:4191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4191"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-15859"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t44w-g1ys-47e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78215?format=json","vulnerability_id":"VCID-t6cq-kfkw-wbch","summary":"QEMU: virtio-crypto: heap buffer overflow in virtio_crypto_sym_op_helper()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3180.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3180","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02408","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02307","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02334","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02318","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02304","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02285","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02292","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02387","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02366","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02313","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0231","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222424","reference_id":"2222424","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222424"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3180","reference_id":"CVE-2023-3180","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-3180"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/","reference_id":"MURWGXDIF2WTDXV36T6HFJDBL632AO7R","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230831-0008/","reference_id":"ntap-20230831-0008","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230831-0008/"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2023-3180"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6cq-kfkw-wbch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62354?format=json","vulnerability_id":"VCID-takm-jn93-eqgb","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1050.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1050","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08132","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08255","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08266","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08246","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08228","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08109","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08273","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08177","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014589","reference_id":"1014589","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014589"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2069625","reference_id":"2069625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2069625"},{"reference_url":"https://security.gentoo.org/glsa/202408-18","reference_id":"GLSA-202408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-18"},{"reference_url":"https://usn.ubuntu.com/6167-1/","reference_id":"USN-6167-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6167-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2022-1050"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-takm-jn93-eqgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80976?format=json","vulnerability_id":"VCID-tk7k-71bb-97hh","summary":"QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25723","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10443","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10586","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10647","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10646","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10659","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10469","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10487","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10562","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10509","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898579","reference_id":"1898579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898579"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276","reference_id":"975276","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0648","reference_id":"RHSA-2021:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0771","reference_id":"RHSA-2021:0771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-25723"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tk7k-71bb-97hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35387?format=json","vulnerability_id":"VCID-tyv8-tzu8-23fj","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35517","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24402","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24528","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24563","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24346","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24459","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2443","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24373","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24388","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24349","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24225","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24172","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915823","reference_id":"1915823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814","reference_id":"980814","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0711","reference_id":"RHSA-2021:0711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0743","reference_id":"RHSA-2021:0743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0743"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-35517"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyv8-tzu8-23fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82950?format=json","vulnerability_id":"VCID-u1wj-9rfp-wyea","summary":"QEMU: pvrdma: memory leakage when creating cq/qp","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20126.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20126.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20126","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29535","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29129","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29423","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29308","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29194","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29602","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29651","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29472","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29573","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2953","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29477","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29496","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29469","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20126"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/12/19/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2018/12/19/4"},{"reference_url":"http://www.securityfocus.com/bid/106298","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660751","reference_id":"1660751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20126","reference_id":"CVE-2018-20126","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20126"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20126"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1wj-9rfp-wyea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82948?format=json","vulnerability_id":"VCID-vbq6-qtub-ffbg","summary":"QEMU: rdma: OOB access when building scatter-gather array","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20124.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20124","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35418","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35537","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35913","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35825","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35855","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35818","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35769","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20124"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20124","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20124"},{"reference_url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/12/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2018/12/18/2"},{"reference_url":"http://www.securityfocus.com/bid/106290","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106290"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660372","reference_id":"1660372","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660372"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922461","reference_id":"922461","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922461"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20124","reference_id":"CVE-2018-20124","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20124"},{"reference_url":"https://usn.ubuntu.com/3923-1/","reference_id":"USN-3923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3923-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2018-20124"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbq6-qtub-ffbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80904?format=json","vulnerability_id":"VCID-vpp8-a7sw-pqef","summary":"QEMU: usb: hcd-ohci: out-of-bound access issue while processing transfer descriptors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25624","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09846","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09939","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09884","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10025","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09984","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09963","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09808","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09957","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09987","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09953","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09898","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879801","reference_id":"1879801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879801"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541","reference_id":"970541","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-25624"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpp8-a7sw-pqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35425?format=json","vulnerability_id":"VCID-vpu8-k8me-tfe6","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26354","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01502","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01386","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01494","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01401","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01395","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01396","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04303","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04324","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04365","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063257","reference_id":"2063257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2063257"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5263","reference_id":"RHSA-2022:5263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2022-26354"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpu8-k8me-tfe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35418?format=json","vulnerability_id":"VCID-vrwy-exwv-vyhr","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20203","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08771","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08773","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08801","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08768","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08641","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08784","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08797","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08753","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08756","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922441","reference_id":"1922441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452","reference_id":"984452","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-20203"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrwy-exwv-vyhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35390?format=json","vulnerability_id":"VCID-vvaj-skpn-u3ar","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3409","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16727","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40602","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40593","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40573","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4059","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40512","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4041","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40397","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40552","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928146","reference_id":"1928146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795","reference_id":"986795","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3409"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vvaj-skpn-u3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35376?format=json","vulnerability_id":"VCID-wdjx-9f36-abgu","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15863","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13872","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13955","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13905","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1382","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31127","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31177","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30761","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30845","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853725","reference_id":"1853725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853725"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-15863"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdjx-9f36-abgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61631?format=json","vulnerability_id":"VCID-wg5b-8smu-b3fm","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10717.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10717.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10717","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37232","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37397","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37421","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37249","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.373","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37312","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37323","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3729","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37262","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37309","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37291","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37238","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37014","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36897","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10717"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827808","reference_id":"1827808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827808"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959746","reference_id":"959746","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959746"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-10717"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg5b-8smu-b3fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35381?format=json","vulnerability_id":"VCID-wjxf-kgdw-2kau","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16092","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11559","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11728","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1166","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11672","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11608","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1147","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11472","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11598","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11551","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11512","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1144","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860283","reference_id":"1860283","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860283"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5111","reference_id":"RHSA-2020:5111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0346","reference_id":"RHSA-2021:0346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0347","reference_id":"RHSA-2021:0347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0459","reference_id":"RHSA-2021:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0934","reference_id":"RHSA-2021:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-16092"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjxf-kgdw-2kau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4232?format=json","vulnerability_id":"VCID-wm9d-ymbb-sfdc","summary":"QEMU: usb: out-of-bounds r/w access issue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14364","reference_id":"","reference_type":"","scores":[{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94268","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94277","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.9429","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94299","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94304","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94333","published_at":"2026-04-24T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94332","published_at":"2026-04-26T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94324","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.9433","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13903","scoring_system":"epss","scoring_elements":"0.94329","published_at":"2026-04-21T12:55:00Z"},{"value":"0.14223","scoring_system":"epss","scoring_elements":"0.94409","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869201","reference_id":"1869201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869201"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947","reference_id":"968947","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947"},{"reference_url":"https://security.gentoo.org/glsa/202009-14","reference_id":"GLSA-202009-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202009-14"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4047","reference_id":"RHSA-2020:4047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4048","reference_id":"RHSA-2020:4048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4049","reference_id":"RHSA-2020:4049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4050","reference_id":"RHSA-2020:4050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4051","reference_id":"RHSA-2020:4051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4052","reference_id":"RHSA-2020:4052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4053","reference_id":"RHSA-2020:4053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4054","reference_id":"RHSA-2020:4054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4055","reference_id":"RHSA-2020:4055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4056","reference_id":"RHSA-2020:4056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4058","reference_id":"RHSA-2020:4058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4059","reference_id":"RHSA-2020:4059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4078","reference_id":"RHSA-2020:4078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4079","reference_id":"RHSA-2020:4079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4111","reference_id":"RHSA-2020:4111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4115","reference_id":"RHSA-2020:4115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4162","reference_id":"RHSA-2020:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4167","reference_id":"RHSA-2020:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4172","reference_id":"RHSA-2020:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4176","reference_id":"RHSA-2020:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4290","reference_id":"RHSA-2020:4290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4291","reference_id":"RHSA-2020:4291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4291"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"},{"reference_url":"https://usn.ubuntu.com/4511-1/","reference_id":"USN-4511-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4511-1/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-335.html","reference_id":"XSA-335","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-335.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-14364","XSA-335"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wm9d-ymbb-sfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80784?format=json","vulnerability_id":"VCID-wyr6-c2nv-p3a2","summary":"QEMU: ide: atapi: OOB access while processing read commands","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29443","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22657","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22831","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22741","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22793","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22815","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22776","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22736","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22731","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22689","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22529","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.2252","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22518","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1917446","reference_id":"1917446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1917446"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575","reference_id":"983575","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1762","reference_id":"RHSA-2021:1762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2322","reference_id":"RHSA-2021:2322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2529","reference_id":"RHSA-2021:2529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2529"},{"reference_url":"https://usn.ubuntu.com/4725-1/","reference_id":"USN-4725-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4725-1/"},{"reference_url":"https://usn.ubuntu.com/5010-1/","reference_id":"USN-5010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-29443"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyr6-c2nv-p3a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80977?format=json","vulnerability_id":"VCID-x8ue-gf65-uket","summary":"QEMU: heap buffer overflow in sdhci_sdma_transfer_multi_blocks() in hw/sd/sdhci.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17380","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53606","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53571","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53607","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53612","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53595","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53541","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53509","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5356","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55504","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55393","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5556","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55534","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55543","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1862167","reference_id":"1862167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1862167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937","reference_id":"970937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937"},{"reference_url":"https://usn.ubuntu.com/4650-1/","reference_id":"USN-4650-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4650-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-17380"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ue-gf65-uket"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35408?format=json","vulnerability_id":"VCID-ycrs-vy13-wbff","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3713","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09598","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09622","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09741","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09753","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09721","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09595","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09677","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1994640","reference_id":"1994640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1994640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727","reference_id":"992727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-3713"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycrs-vy13-wbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35417?format=json","vulnerability_id":"VCID-yt3z-g3w7-xfa5","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4207","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15388","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15438","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.154","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15307","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15295","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15211","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15216","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15932","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036966","reference_id":"2036966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036966"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5002","reference_id":"RHSA-2022:5002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5821","reference_id":"RHSA-2022:5821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5821"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2021-4207"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt3z-g3w7-xfa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35422?format=json","vulnerability_id":"VCID-zf4c-x45c-tudm","summary":"Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0358","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10785","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10984","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1081","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1094","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10762","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10883","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10742","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2044863","reference_id":"2044863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2044863"},{"reference_url":"https://security.gentoo.org/glsa/202208-27","reference_id":"GLSA-202208-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0759","reference_id":"RHSA-2022:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0886","reference_id":"RHSA-2022:0886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0949","reference_id":"RHSA-2022:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0971","reference_id":"RHSA-2022:0971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0973","reference_id":"RHSA-2022:0973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0973"},{"reference_url":"https://usn.ubuntu.com/5307-1/","reference_id":"USN-5307-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5307-1/"},{"reference_url":"https://usn.ubuntu.com/5489-1/","reference_id":"USN-5489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2022-0358"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zf4c-x45c-tudm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61636?format=json","vulnerability_id":"VCID-zk4y-2xjp-vfcs","summary":"Multiple vulnerabilities have been found in QEMU, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13659","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10798","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10933","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10898","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10919","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10896","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10761","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10774","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10895","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10854","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10813","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10752","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842496","reference_id":"1842496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842496"},{"reference_url":"https://security.gentoo.org/glsa/202011-09","reference_id":"GLSA-202011-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202011-09"},{"reference_url":"https://usn.ubuntu.com/4467-1/","reference_id":"USN-4467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-1/"},{"reference_url":"https://usn.ubuntu.com/4467-2/","reference_id":"USN-4467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4467-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037820?format=json","purl":"pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-145f-vwpy-ukfg"},{"vulnerability":"VCID-14d3-jbv3-xbbe"},{"vulnerability":"VCID-1g7f-6q39-fyhx"},{"vulnerability":"VCID-28wt-9aqz-xqbg"},{"vulnerability":"VCID-29bt-r6ya-jfhu"},{"vulnerability":"VCID-29d8-uet3-syfh"},{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3wee-2xay-r7bt"},{"vulnerability":"VCID-4848-dnv8-bqez"},{"vulnerability":"VCID-4d66-e766-q7ch"},{"vulnerability":"VCID-4unz-8jyy-qfdc"},{"vulnerability":"VCID-5t1d-ve8h-9ba1"},{"vulnerability":"VCID-5ur6-6ec3-p7bt"},{"vulnerability":"VCID-6ef4-c38a-j7ca"},{"vulnerability":"VCID-6fs3-3a9w-xycq"},{"vulnerability":"VCID-6hqu-ecs5-zqeb"},{"vulnerability":"VCID-6pkj-axqp-duf1"},{"vulnerability":"VCID-6xcc-y2jp-nufx"},{"vulnerability":"VCID-7mhs-m1r3-n3ag"},{"vulnerability":"VCID-7w6v-ewcn-kkdz"},{"vulnerability":"VCID-7zkh-xs1s-guh6"},{"vulnerability":"VCID-8cnu-b5en-7ye3"},{"vulnerability":"VCID-8jjd-u5mc-zbde"},{"vulnerability":"VCID-8kzh-2gr5-e7gu"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-93gr-c812-uud8"},{"vulnerability":"VCID-955d-q41q-4uau"},{"vulnerability":"VCID-9rpr-g2sm-yqb6"},{"vulnerability":"VCID-ap2r-g7ew-kqed"},{"vulnerability":"VCID-bcps-uatt-wkd7"},{"vulnerability":"VCID-be1r-pq33-abg5"},{"vulnerability":"VCID-br4x-bpvj-puhr"},{"vulnerability":"VCID-burb-pa38-fqhw"},{"vulnerability":"VCID-c4ky-b4y8-kqd5"},{"vulnerability":"VCID-cgq2-b6my-eucg"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d6gd-j7ks-xkgk"},{"vulnerability":"VCID-dqbd-gqg9-2kgs"},{"vulnerability":"VCID-drqf-646q-xqf3"},{"vulnerability":"VCID-e99n-gc79-cqcy"},{"vulnerability":"VCID-eb18-wa2w-q7bn"},{"vulnerability":"VCID-een8-8kc5-qfcx"},{"vulnerability":"VCID-egyg-bbm9-8qea"},{"vulnerability":"VCID-eqp6-raqc-dkch"},{"vulnerability":"VCID-ewsp-7ydm-5ub3"},{"vulnerability":"VCID-ezm8-pq4d-mkhg"},{"vulnerability":"VCID-f2fx-sqtp-8yhe"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-ffd9-9wm1-rffs"},{"vulnerability":"VCID-fucx-q3j9-qkat"},{"vulnerability":"VCID-gqtx-g1cs-6ybn"},{"vulnerability":"VCID-h22r-c3az-3fa3"},{"vulnerability":"VCID-h5sc-3zrc-23dn"},{"vulnerability":"VCID-hq1b-c1ew-kkga"},{"vulnerability":"VCID-hrhp-htnd-7bbx"},{"vulnerability":"VCID-j11x-bba3-zkdj"},{"vulnerability":"VCID-j1gy-ttz5-1yct"},{"vulnerability":"VCID-j6hs-wm45-s3ej"},{"vulnerability":"VCID-jmca-kswb-1beq"},{"vulnerability":"VCID-juek-f6et-x7eb"},{"vulnerability":"VCID-ke54-4uc4-rkbs"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-mn7m-an9j-yucj"},{"vulnerability":"VCID-nb4k-f7rm-kuhg"},{"vulnerability":"VCID-ne4d-zj65-qkgx"},{"vulnerability":"VCID-nuwe-tupt-wfhg"},{"vulnerability":"VCID-p2we-9qfu-17eb"},{"vulnerability":"VCID-phfy-zv23-sqcr"},{"vulnerability":"VCID-q38v-9gvs-sydf"},{"vulnerability":"VCID-qejd-5dkk-muhc"},{"vulnerability":"VCID-qn73-3gkb-rkbm"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-r47h-wdgy-7bga"},{"vulnerability":"VCID-r51r-u7mq-93cy"},{"vulnerability":"VCID-re83-uvh8-5bgq"},{"vulnerability":"VCID-ruzy-eqc8-5ubs"},{"vulnerability":"VCID-rvs5-s55e-9ueb"},{"vulnerability":"VCID-rz5x-q1ne-53he"},{"vulnerability":"VCID-sy57-hngf-d3gn"},{"vulnerability":"VCID-t2y3-nbz8-jqa7"},{"vulnerability":"VCID-t44w-g1ys-47e6"},{"vulnerability":"VCID-t6cq-kfkw-wbch"},{"vulnerability":"VCID-takm-jn93-eqgb"},{"vulnerability":"VCID-tk7k-71bb-97hh"},{"vulnerability":"VCID-tyv8-tzu8-23fj"},{"vulnerability":"VCID-u1wj-9rfp-wyea"},{"vulnerability":"VCID-vbq6-qtub-ffbg"},{"vulnerability":"VCID-vpp8-a7sw-pqef"},{"vulnerability":"VCID-vpu8-k8me-tfe6"},{"vulnerability":"VCID-vrwy-exwv-vyhr"},{"vulnerability":"VCID-vvaj-skpn-u3ar"},{"vulnerability":"VCID-wdjx-9f36-abgu"},{"vulnerability":"VCID-wg5b-8smu-b3fm"},{"vulnerability":"VCID-wjxf-kgdw-2kau"},{"vulnerability":"VCID-wm9d-ymbb-sfdc"},{"vulnerability":"VCID-wyr6-c2nv-p3a2"},{"vulnerability":"VCID-x8ue-gf65-uket"},{"vulnerability":"VCID-ycrs-vy13-wbff"},{"vulnerability":"VCID-yt3z-g3w7-xfa5"},{"vulnerability":"VCID-zf4c-x45c-tudm"},{"vulnerability":"VCID-zk4y-2xjp-vfcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994909?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ew5-8dfe-u3d8"},{"vulnerability":"VCID-3kyg-9mf3-kfft"},{"vulnerability":"VCID-46gg-8h8g-2kf5"},{"vulnerability":"VCID-4mt9-kf9m-2fbz"},{"vulnerability":"VCID-6qnt-yaa3-p3bb"},{"vulnerability":"VCID-91y7-ceje-jbd3"},{"vulnerability":"VCID-cenj-mz55-jbg6"},{"vulnerability":"VCID-cnyg-wvxr-gqg3"},{"vulnerability":"VCID-d2ve-dnmj-4bbz"},{"vulnerability":"VCID-ej5p-r4az-6ud2"},{"vulnerability":"VCID-ewb7-nrtu-g7ex"},{"vulnerability":"VCID-f4sq-73vu-sfdq"},{"vulnerability":"VCID-gc6n-kgsc-f3b6"},{"vulnerability":"VCID-kx81-eex4-hug8"},{"vulnerability":"VCID-m47q-17n6-t7gg"},{"vulnerability":"VCID-mtj9-1cns-yybw"},{"vulnerability":"VCID-n71j-fz74-kyhf"},{"vulnerability":"VCID-p2dz-mtns-5bb4"},{"vulnerability":"VCID-ptty-88p4-ybe9"},{"vulnerability":"VCID-pxjg-chmx-nkdc"},{"vulnerability":"VCID-qh2s-apkz-sbaz"},{"vulnerability":"VCID-qs61-1esc-c3cz"},{"vulnerability":"VCID-t58m-9jqp-43c9"},{"vulnerability":"VCID-t5gq-4bhn-gkej"},{"vulnerability":"VCID-uzxc-npak-yyc4"},{"vulnerability":"VCID-w7gc-1eh2-3ufu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}],"aliases":["CVE-2020-13659"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zk4y-2xjp-vfcs"}],"risk_score":"3.7","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3"}