Package List

reference_id

AVG-335

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3142

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.1:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.0:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.0:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.0:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.10:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.9.10:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.10:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

reference_id

CVE-2017-3142

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3142

reference_url	https://access.redhat.com/errata/RHSA-2017:1679
reference_id	RHSA-2017:1679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1679

reference_url	https://access.redhat.com/errata/RHSA-2017:1680
reference_id	RHSA-2017:1680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1680

reference_url	https://usn.ubuntu.com/3346-1/
reference_id	USN-3346-1
reference_type
scores
url	https://usn.ubuntu.com/3346-1/

reference_url	https://usn.ubuntu.com/3346-3/
reference_id	USN-3346-3
reference_type
scores
url	https://usn.ubuntu.com/3346-3/

fixed_packages

url	pkg:alpm/archlinux/bind@9.11.1.P2-1
purl	pkg:alpm/archlinux/bind@9.11.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.1.P2-1

aliases CVE-2017-3142

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddg3-vmpb-cbhs

url VCID-tg7b-ra4c-cue1

vulnerability_id VCID-tg7b-ra4c-cue1

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3143.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3143.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3143

reference_id

reference_type

scores

value	0.26927
scoring_system	epss
scoring_elements	0.96329
published_at	2026-04-01T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96364
published_at	2026-04-13T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96337
published_at	2026-04-02T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96341
published_at	2026-04-04T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96345
published_at	2026-04-07T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96353
published_at	2026-04-08T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96357
published_at	2026-04-09T12:55:00Z

value	0.26927
scoring_system	epss
scoring_elements	0.96361
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:C/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us

reference_url	https://kb.isc.org/docs/aa-01503
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01503

reference_url	https://security.netapp.com/advisory/ntap-20190830-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190830-0003/

reference_url	https://www.debian.org/security/2017/dsa-3904
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3904

reference_url	http://www.securityfocus.com/bid/99337
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/99337

reference_url	http://www.securitytracker.com/id/1038809
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1038809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466193
reference_id	1466193
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466193

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564
reference_id	866564
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564

reference_url	https://security.archlinux.org/ASA-201707-3
reference_id	ASA-201707-3
reference_type
scores
url	https://security.archlinux.org/ASA-201707-3

reference_url

reference_id

AVG-335

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3143

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.10.5:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.5:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.1:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.0:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.0:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.0:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.10:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.9.10:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.10:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

reference_id

CVE-2017-3143

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3143

reference_url	https://access.redhat.com/errata/RHSA-2017:1679
reference_id	RHSA-2017:1679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1679

reference_url	https://access.redhat.com/errata/RHSA-2017:1680
reference_id	RHSA-2017:1680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1680

reference_url	https://usn.ubuntu.com/3346-1/
reference_id	USN-3346-1
reference_type
scores
url	https://usn.ubuntu.com/3346-1/

reference_url	https://usn.ubuntu.com/3346-3/
reference_id	USN-3346-3
reference_type
scores
url	https://usn.ubuntu.com/3346-3/

fixed_packages

url	pkg:alpm/archlinux/bind@9.11.1.P2-1
purl	pkg:alpm/archlinux/bind@9.11.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.1.P2-1

aliases CVE-2017-3143

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tg7b-ra4c-cue1

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.1.P2-1

pkg:alpm/archlinux/bind@9.11.2-1

alpm

archlinux

bind

9.11.2-1

true

9.11.2.P1-1

9.20.9-1

url VCID-s9ua-j61v-jbch

vulnerability_id VCID-s9ua-j61v-jbch

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3145

reference_id

reference_type

scores

value	0.0799
scoring_system	epss
scoring_elements	0.92054
published_at	2026-04-01T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92087
published_at	2026-04-13T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92088
published_at	2026-04-09T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92092
published_at	2026-04-12T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.9206
published_at	2026-04-02T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92069
published_at	2026-04-04T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92072
published_at	2026-04-07T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92084
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3145

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1534812
reference_id	1534812
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1534812

reference_url	https://security.archlinux.org/ASA-201801-16
reference_id	ASA-201801-16
reference_type
scores
url	https://security.archlinux.org/ASA-201801-16

reference_url

reference_id

AVG-589

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json

reference_url	https://access.redhat.com/errata/RHSA-2018:0101
reference_id	RHSA-2018:0101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0101

reference_url	https://access.redhat.com/errata/RHSA-2018:0102
reference_id	RHSA-2018:0102
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0102

reference_url	https://access.redhat.com/errata/RHSA-2018:0487
reference_id	RHSA-2018:0487
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0487

reference_url	https://access.redhat.com/errata/RHSA-2018:0488
reference_id	RHSA-2018:0488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0488

reference_url	https://usn.ubuntu.com/3535-1/
reference_id	USN-3535-1
reference_type
scores
url	https://usn.ubuntu.com/3535-1/

reference_url	https://usn.ubuntu.com/3535-2/
reference_id	USN-3535-2
reference_type
scores
url	https://usn.ubuntu.com/3535-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.11.2.P1-1
purl	pkg:alpm/archlinux/bind@9.11.2.P1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.2.P1-1

aliases CVE-2017-3145

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9ua-j61v-jbch

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.2-1

pkg:alpm/archlinux/bind@9.11.2.P1-1

alpm

archlinux

bind

9.11.2.P1-1

false

9.12.1.P2-1

9.20.9-1

url VCID-s9ua-j61v-jbch

vulnerability_id VCID-s9ua-j61v-jbch

summary security update

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3145

reference_id

reference_type

scores

value	0.0799
scoring_system	epss
scoring_elements	0.92054
published_at	2026-04-01T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92087
published_at	2026-04-13T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92088
published_at	2026-04-09T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92092
published_at	2026-04-12T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.9206
published_at	2026-04-02T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92069
published_at	2026-04-04T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92072
published_at	2026-04-07T12:55:00Z

value	0.0799
scoring_system	epss
scoring_elements	0.92084
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3145

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1534812
reference_id	1534812
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1534812

reference_url	https://security.archlinux.org/ASA-201801-16
reference_id	ASA-201801-16
reference_type
scores
url	https://security.archlinux.org/ASA-201801-16

reference_url

reference_id

AVG-589

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json

reference_url	https://access.redhat.com/errata/RHSA-2018:0101
reference_id	RHSA-2018:0101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0101

reference_url	https://access.redhat.com/errata/RHSA-2018:0102
reference_id	RHSA-2018:0102
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0102

reference_url	https://access.redhat.com/errata/RHSA-2018:0487
reference_id	RHSA-2018:0487
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0487

reference_url	https://access.redhat.com/errata/RHSA-2018:0488
reference_id	RHSA-2018:0488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0488

reference_url	https://usn.ubuntu.com/3535-1/
reference_id	USN-3535-1
reference_type
scores
url	https://usn.ubuntu.com/3535-1/

reference_url	https://usn.ubuntu.com/3535-2/
reference_id	USN-3535-2
reference_type
scores
url	https://usn.ubuntu.com/3535-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.11.2.P1-1
purl	pkg:alpm/archlinux/bind@9.11.2.P1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.2.P1-1

aliases CVE-2017-3145

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9ua-j61v-jbch

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.11.2.P1-1

pkg:alpm/archlinux/bind@9.12.1-1

alpm

archlinux

bind

9.12.1-1

true

9.12.1.P2-1

9.20.9-1

url VCID-29ng-3xgz-hbh5

vulnerability_id VCID-29ng-3xgz-hbh5

summary bind: Multiple transfers of a zone in quick succession can cause an assertion failure in rbtdb.c

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5736

reference_id

reference_type

scores

value	0.42906
scoring_system	epss
scoring_elements	0.97457
published_at	2026-04-01T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97482
published_at	2026-04-13T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97476
published_at	2026-04-09T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97479
published_at	2026-04-11T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97481
published_at	2026-04-12T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97464
published_at	2026-04-02T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97468
published_at	2026-04-07T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97475
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5736

reference_url	https://kb.isc.org/docs/aa-01602
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01602

reference_url	https://security.netapp.com/advisory/ntap-20180926-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180926-0004/

reference_url	http://www.securityfocus.com/bid/104386
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104386

reference_url	http://www.securitytracker.com/id/1040941
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040941

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1578591
reference_id	1578591
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1578591

reference_url	https://security.archlinux.org/ASA-201805-20
reference_id	ASA-201805-20
reference_type
scores
url	https://security.archlinux.org/ASA-201805-20

reference_url

reference_id

AVG-706

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_id	cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*

reference_url

reference_id

CVE-2018-5736

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.12.1.P2-1
purl	pkg:alpm/archlinux/bind@9.12.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1.P2-1

aliases CVE-2018-5736

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29ng-3xgz-hbh5

url VCID-5pz4-bxq7-27gh

vulnerability_id VCID-5pz4-bxq7-27gh

summary bind: Interaction between NSEC aggresive negative caching and the serve-stale feature can cause a denial of service

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5737

reference_id

reference_type

scores

value	0.01186
scoring_system	epss
scoring_elements	0.7874
published_at	2026-04-01T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78791
published_at	2026-04-13T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78787
published_at	2026-04-08T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78794
published_at	2026-04-09T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78817
published_at	2026-04-11T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.788
published_at	2026-04-12T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78748
published_at	2026-04-02T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78779
published_at	2026-04-04T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78761
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5737

reference_url	https://kb.isc.org/docs/aa-01606
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01606

reference_url	https://security.netapp.com/advisory/ntap-20180926-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180926-0004/

reference_url	http://www.securityfocus.com/bid/104236
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104236

reference_url	http://www.securitytracker.com/id/1040942
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040942

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1578593
reference_id	1578593
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1578593

reference_url	https://security.archlinux.org/ASA-201805-20
reference_id	ASA-201805-20
reference_type
scores
url	https://security.archlinux.org/ASA-201805-20

reference_url

reference_id

AVG-706

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_id	cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*

reference_url

reference_id

CVE-2018-5737

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.12.1.P2-1
purl	pkg:alpm/archlinux/bind@9.12.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1.P2-1

aliases CVE-2018-5737

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5pz4-bxq7-27gh

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1-1

pkg:alpm/archlinux/bind@9.12.1.P2-1

alpm

archlinux

bind

9.12.1.P2-1

false

9.13.2-1

9.20.9-1

url VCID-29ng-3xgz-hbh5

vulnerability_id VCID-29ng-3xgz-hbh5

summary bind: Multiple transfers of a zone in quick succession can cause an assertion failure in rbtdb.c

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5736

reference_id

reference_type

scores

value	0.42906
scoring_system	epss
scoring_elements	0.97457
published_at	2026-04-01T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97482
published_at	2026-04-13T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97476
published_at	2026-04-09T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97479
published_at	2026-04-11T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97481
published_at	2026-04-12T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97464
published_at	2026-04-02T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97468
published_at	2026-04-07T12:55:00Z

value	0.42906
scoring_system	epss
scoring_elements	0.97475
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5736

reference_url	https://kb.isc.org/docs/aa-01602
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01602

reference_url	https://security.netapp.com/advisory/ntap-20180926-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180926-0004/

reference_url	http://www.securityfocus.com/bid/104386
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104386

reference_url	http://www.securitytracker.com/id/1040941
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040941

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1578591
reference_id	1578591
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1578591

reference_url	https://security.archlinux.org/ASA-201805-20
reference_id	ASA-201805-20
reference_type
scores
url	https://security.archlinux.org/ASA-201805-20

reference_url

reference_id

AVG-706

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_id	cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*

reference_url

reference_id

CVE-2018-5736

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.12.1.P2-1
purl	pkg:alpm/archlinux/bind@9.12.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1.P2-1

aliases CVE-2018-5736

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29ng-3xgz-hbh5

url VCID-5pz4-bxq7-27gh

vulnerability_id VCID-5pz4-bxq7-27gh

summary bind: Interaction between NSEC aggresive negative caching and the serve-stale feature can cause a denial of service

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5737

reference_id

reference_type

scores

value	0.01186
scoring_system	epss
scoring_elements	0.7874
published_at	2026-04-01T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78791
published_at	2026-04-13T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78787
published_at	2026-04-08T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78794
published_at	2026-04-09T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78817
published_at	2026-04-11T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.788
published_at	2026-04-12T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78748
published_at	2026-04-02T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78779
published_at	2026-04-04T12:55:00Z

value	0.01186
scoring_system	epss
scoring_elements	0.78761
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5737

reference_url	https://kb.isc.org/docs/aa-01606
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01606

reference_url	https://security.netapp.com/advisory/ntap-20180926-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180926-0004/

reference_url	http://www.securityfocus.com/bid/104236
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104236

reference_url	http://www.securitytracker.com/id/1040942
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040942

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1578593
reference_id	1578593
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1578593

reference_url	https://security.archlinux.org/ASA-201805-20
reference_id	ASA-201805-20
reference_type
scores
url	https://security.archlinux.org/ASA-201805-20

reference_url

reference_id

AVG-706

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_id	cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_ontap_edge:-:::::::*

reference_url

reference_id

CVE-2018-5737

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.12.1.P2-1
purl	pkg:alpm/archlinux/bind@9.12.1.P2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1.P2-1

aliases CVE-2018-5737

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5pz4-bxq7-27gh

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.12.1.P2-1

pkg:alpm/archlinux/bind@9.13.0-2

alpm

archlinux

bind

9.13.0-2

true

9.13.2-1

9.20.9-1

url VCID-3kvk-745c-tfaf

vulnerability_id VCID-3kvk-745c-tfaf

summary

Multiple vulnerabilities have been found in BIND, the worst of
    which could result in a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5738

reference_id

reference_type

scores

value	0.03303
scoring_system	epss
scoring_elements	0.87181
published_at	2026-04-01T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87235
published_at	2026-04-13T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87205
published_at	2026-04-07T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87226
published_at	2026-04-08T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87233
published_at	2026-04-09T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87246
published_at	2026-04-11T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87239
published_at	2026-04-12T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87191
published_at	2026-04-02T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87208
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/aa-01616
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01616

reference_url	https://security.netapp.com/advisory/ntap-20190830-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190830-0002/

reference_url	http://www.securitytracker.com/id/1041115
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041115

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1589616
reference_id	1589616
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1589616

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483
reference_id	901483
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483

reference_url

reference_id

AVG-718

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:::::::*
reference_id	cpe:2.3:a:isc:bind:9.10.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.7:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:::::::*
reference_id	cpe:2.3:a:isc:bind:9.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.11.3:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:a1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:a1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:a1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:b1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:b2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc3::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.1:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.13.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.13.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.13.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:::::::*
reference_id	cpe:2.3:a:isc:bind:9.9.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.12:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url

reference_id

CVE-2018-5738

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json

reference_url	https://security.gentoo.org/glsa/201903-13
reference_id	GLSA-201903-13
reference_type
scores
url	https://security.gentoo.org/glsa/201903-13

reference_url	https://usn.ubuntu.com/3683-1/
reference_id	USN-3683-1
reference_type
scores
url	https://usn.ubuntu.com/3683-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.2-1
purl	pkg:alpm/archlinux/bind@9.13.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.2-1

aliases CVE-2018-5738

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kvk-745c-tfaf

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.0-2

pkg:alpm/archlinux/bind@9.13.2-1

alpm

archlinux

bind

9.13.2-1

false

9.13.7-1

9.20.9-1

url VCID-3kvk-745c-tfaf

vulnerability_id VCID-3kvk-745c-tfaf

summary

Multiple vulnerabilities have been found in BIND, the worst of
    which could result in a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5738

reference_id

reference_type

scores

value	0.03303
scoring_system	epss
scoring_elements	0.87181
published_at	2026-04-01T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87235
published_at	2026-04-13T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87205
published_at	2026-04-07T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87226
published_at	2026-04-08T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87233
published_at	2026-04-09T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87246
published_at	2026-04-11T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87239
published_at	2026-04-12T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87191
published_at	2026-04-02T12:55:00Z

value	0.03303
scoring_system	epss
scoring_elements	0.87208
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/aa-01616
reference_id
reference_type
scores
url	https://kb.isc.org/docs/aa-01616

reference_url	https://security.netapp.com/advisory/ntap-20190830-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190830-0002/

reference_url	http://www.securitytracker.com/id/1041115
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041115

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1589616
reference_id	1589616
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1589616

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483
reference_id	901483
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483

reference_url

reference_id

AVG-718

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:::::::*
reference_id	cpe:2.3:a:isc:bind:9.10.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.7:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:::::::*
reference_id	cpe:2.3:a:isc:bind:9.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s2::::::
reference_id	cpe:2.3:a:isc:bind:9.11.3:s2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.3:s2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:a1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:a1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:a1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:b1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:b2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:b2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc3::::::
reference_id	cpe:2.3:a:isc:bind:9.12.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_id	cpe:2.3:a:isc:bind:9.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.1:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.1:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.13.0:::::::*
reference_id	cpe:2.3:a:isc:bind:9.13.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.13.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:::::::*
reference_id	cpe:2.3:a:isc:bind:9.9.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.12:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.12:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url

reference_id

CVE-2018-5738

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json

reference_url	https://security.gentoo.org/glsa/201903-13
reference_id	GLSA-201903-13
reference_type
scores
url	https://security.gentoo.org/glsa/201903-13

reference_url	https://usn.ubuntu.com/3683-1/
reference_id	USN-3683-1
reference_type
scores
url	https://usn.ubuntu.com/3683-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.2-1
purl	pkg:alpm/archlinux/bind@9.13.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.2-1

aliases CVE-2018-5738

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kvk-745c-tfaf

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.2-1

pkg:alpm/archlinux/bind@9.13.5-5

alpm

archlinux

bind

9.13.5-5

true

9.13.7-1

9.20.9-1

url VCID-4sf3-myam-p3bp

vulnerability_id VCID-4sf3-myam-p3bp

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6465

reference_id

reference_type

scores

value	0.0128
scoring_system	epss
scoring_elements	0.79523
published_at	2026-04-01T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79571
published_at	2026-04-13T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79538
published_at	2026-04-07T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79566
published_at	2026-04-08T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79573
published_at	2026-04-09T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79595
published_at	2026-04-11T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79579
published_at	2026-04-12T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79529
published_at	2026-04-02T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79551
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6465

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6465
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679304
reference_id	1679304
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679304

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955
reference_id	922955
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

reference_id

CVE-2019-6465

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json

reference_url	https://access.redhat.com/errata/RHSA-2019:3552
reference_id	RHSA-2019:3552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3552

reference_url	https://access.redhat.com/errata/RHSA-2020:1061
reference_id	RHSA-2020:1061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1061

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

reference_url	https://usn.ubuntu.com/3893-2/
reference_id	USN-3893-2
reference_type
scores
url	https://usn.ubuntu.com/3893-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2019-6465

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sf3-myam-p3bp

url VCID-e8xu-cq82-x3bw

vulnerability_id VCID-e8xu-cq82-x3bw

summary bind: A specially crafted packet can cause named to leak memory

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5744

reference_id

reference_type

scores

value	0.04441
scoring_system	epss
scoring_elements	0.88999
published_at	2026-04-01T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89052
published_at	2026-04-13T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89024
published_at	2026-04-07T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89042
published_at	2026-04-08T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89047
published_at	2026-04-09T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89059
published_at	2026-04-11T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89055
published_at	2026-04-12T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89007
published_at	2026-04-02T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89022
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2018-5744
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2018-5744

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679299
reference_id	1679299
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679299

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953
reference_id	922953
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc2::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:rc1::::::

reference_url

reference_id

CVE-2018-5744

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2018-5744

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8xu-cq82-x3bw

url VCID-sna2-5cuy-4fa2

vulnerability_id VCID-sna2-5cuy-4fa2

summary security update

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5745

reference_id

reference_type

scores

value	0.0053
scoring_system	epss
scoring_elements	0.67154
published_at	2026-04-01T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67191
published_at	2026-04-07T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67215
published_at	2026-04-04T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67242
published_at	2026-04-08T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67256
published_at	2026-04-09T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67276
published_at	2026-04-11T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67262
published_at	2026-04-12T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67382
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2018-5745
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2018-5745

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679303
reference_id	1679303
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679303

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954
reference_id	922954
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*

reference_url

reference_id

CVE-2018-5745

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json

reference_url	https://access.redhat.com/errata/RHSA-2019:3552
reference_id	RHSA-2019:3552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3552

reference_url	https://access.redhat.com/errata/RHSA-2020:1061
reference_id	RHSA-2020:1061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1061

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

reference_url	https://usn.ubuntu.com/3893-2/
reference_id	USN-3893-2
reference_type
scores
url	https://usn.ubuntu.com/3893-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2018-5745

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sna2-5cuy-4fa2

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.5-5

pkg:alpm/archlinux/bind@9.13.7-1

alpm

archlinux

bind

9.13.7-1

false

9.14.7-1

9.20.9-1

url VCID-4sf3-myam-p3bp

vulnerability_id VCID-4sf3-myam-p3bp

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6465

reference_id

reference_type

scores

value	0.0128
scoring_system	epss
scoring_elements	0.79523
published_at	2026-04-01T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79571
published_at	2026-04-13T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79538
published_at	2026-04-07T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79566
published_at	2026-04-08T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79573
published_at	2026-04-09T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79595
published_at	2026-04-11T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79579
published_at	2026-04-12T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79529
published_at	2026-04-02T12:55:00Z

value	0.0128
scoring_system	epss
scoring_elements	0.79551
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6465

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6465
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679304
reference_id	1679304
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679304

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955
reference_id	922955
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p2::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

reference_id

CVE-2019-6465

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json

reference_url	https://access.redhat.com/errata/RHSA-2019:3552
reference_id	RHSA-2019:3552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3552

reference_url	https://access.redhat.com/errata/RHSA-2020:1061
reference_id	RHSA-2020:1061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1061

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

reference_url	https://usn.ubuntu.com/3893-2/
reference_id	USN-3893-2
reference_type
scores
url	https://usn.ubuntu.com/3893-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2019-6465

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sf3-myam-p3bp

url VCID-e8xu-cq82-x3bw

vulnerability_id VCID-e8xu-cq82-x3bw

summary bind: A specially crafted packet can cause named to leak memory

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5744

reference_id

reference_type

scores

value	0.04441
scoring_system	epss
scoring_elements	0.88999
published_at	2026-04-01T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89052
published_at	2026-04-13T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89024
published_at	2026-04-07T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89042
published_at	2026-04-08T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89047
published_at	2026-04-09T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89059
published_at	2026-04-11T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89055
published_at	2026-04-12T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89007
published_at	2026-04-02T12:55:00Z

value	0.04441
scoring_system	epss
scoring_elements	0.89022
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2018-5744
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2018-5744

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679299
reference_id	1679299
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679299

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953
reference_id	922953
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:s1:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc2::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:rc1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:rc1::::::

reference_url

reference_id

CVE-2018-5744

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2018-5744

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8xu-cq82-x3bw

url VCID-sna2-5cuy-4fa2

vulnerability_id VCID-sna2-5cuy-4fa2

summary security update

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5745

reference_id

reference_type

scores

value	0.0053
scoring_system	epss
scoring_elements	0.67154
published_at	2026-04-01T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67191
published_at	2026-04-07T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67215
published_at	2026-04-04T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67242
published_at	2026-04-08T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67256
published_at	2026-04-09T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67276
published_at	2026-04-11T12:55:00Z

value	0.0053
scoring_system	epss
scoring_elements	0.67262
published_at	2026-04-12T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67382
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2018-5745
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2018-5745

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679303
reference_id	1679303
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679303

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954
reference_id	922954
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954

reference_url	https://security.archlinux.org/ASA-201902-25
reference_id	ASA-201902-25
reference_type
scores
url	https://security.archlinux.org/ASA-201902-25

reference_url

reference_id

AVG-915

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:-::::::
reference_id	cpe:2.3:a:isc:bind:9.10.7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.10.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.10.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.11.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*
reference_id	cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.11.5:s3::::supported_preview::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_id	cpe:2.3:a:isc:bind:9.12.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.12.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*
reference_id	cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.9.3:s1::::supported_preview::*

reference_url

reference_id

CVE-2018-5745

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json

reference_url	https://access.redhat.com/errata/RHSA-2019:3552
reference_id	RHSA-2019:3552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3552

reference_url	https://access.redhat.com/errata/RHSA-2020:1061
reference_id	RHSA-2020:1061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1061

reference_url	https://usn.ubuntu.com/3893-1/
reference_id	USN-3893-1
reference_type
scores
url	https://usn.ubuntu.com/3893-1/

reference_url	https://usn.ubuntu.com/3893-2/
reference_id	USN-3893-2
reference_type
scores
url	https://usn.ubuntu.com/3893-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.13.7-1
purl	pkg:alpm/archlinux/bind@9.13.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

aliases CVE-2018-5745

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sna2-5cuy-4fa2

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.13.7-1

pkg:alpm/archlinux/bind@9.14.6-1

alpm

archlinux

bind

9.14.6-1

true

9.14.7-1

9.20.9-1

url VCID-7mbz-t9jk-juca

vulnerability_id VCID-7mbz-t9jk-juca

summary bind: A flaw in mirror zone validity checking can allow zone data to be spoofed

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6475

reference_id

reference_type

scores

value	0.00621
scoring_system	epss
scoring_elements	0.70006
published_at	2026-04-01T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70069
published_at	2026-04-13T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70009
published_at	2026-04-07T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70057
published_at	2026-04-08T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70073
published_at	2026-04-09T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70096
published_at	2026-04-11T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70082
published_at	2026-04-12T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70018
published_at	2026-04-02T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70033
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6475

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6475
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6475

reference_url	https://security.netapp.com/advisory/ntap-20191024-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191024-0004/

reference_url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1762914
reference_id	1762914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1762914

reference_url

reference_id

AVG-1056

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url

reference_id

CVE-2019-6475

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.14.7-1
purl	pkg:alpm/archlinux/bind@9.14.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.7-1

aliases CVE-2019-6475

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mbz-t9jk-juca

url VCID-cufc-v1hn-jbdn

vulnerability_id VCID-cufc-v1hn-jbdn

summary bind: An error in QNAME minimization code can cause BIND to exit with an assertion failure

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6476

reference_id

reference_type

scores

value	0.01269
scoring_system	epss
scoring_elements	0.79427
published_at	2026-04-01T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79476
published_at	2026-04-13T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79445
published_at	2026-04-07T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79473
published_at	2026-04-08T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79481
published_at	2026-04-09T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79503
published_at	2026-04-11T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79486
published_at	2026-04-12T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79434
published_at	2026-04-02T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79458
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6476

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6476
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6476

reference_url	https://security.netapp.com/advisory/ntap-20191024-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191024-0004/

reference_url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1762957
reference_id	1762957
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1762957

reference_url

reference_id

AVG-1056

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url

reference_id

CVE-2019-6476

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.14.7-1
purl	pkg:alpm/archlinux/bind@9.14.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.7-1

aliases CVE-2019-6476

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cufc-v1hn-jbdn

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.6-1

pkg:alpm/archlinux/bind@9.14.7-1

alpm

archlinux

bind

9.14.7-1

false

9.16.4-1

9.20.9-1

url VCID-7mbz-t9jk-juca

vulnerability_id VCID-7mbz-t9jk-juca

summary bind: A flaw in mirror zone validity checking can allow zone data to be spoofed

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6475

reference_id

reference_type

scores

value	0.00621
scoring_system	epss
scoring_elements	0.70006
published_at	2026-04-01T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70069
published_at	2026-04-13T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70009
published_at	2026-04-07T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70057
published_at	2026-04-08T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70073
published_at	2026-04-09T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70096
published_at	2026-04-11T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70082
published_at	2026-04-12T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70018
published_at	2026-04-02T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70033
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6475

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6475
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6475

reference_url	https://security.netapp.com/advisory/ntap-20191024-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191024-0004/

reference_url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1762914
reference_id	1762914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1762914

reference_url

reference_id

AVG-1056

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url

reference_id

CVE-2019-6475

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.14.7-1
purl	pkg:alpm/archlinux/bind@9.14.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.7-1

aliases CVE-2019-6475

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mbz-t9jk-juca

url VCID-cufc-v1hn-jbdn

vulnerability_id VCID-cufc-v1hn-jbdn

summary bind: An error in QNAME minimization code can cause BIND to exit with an assertion failure

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6476

reference_id

reference_type

scores

value	0.01269
scoring_system	epss
scoring_elements	0.79427
published_at	2026-04-01T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79476
published_at	2026-04-13T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79445
published_at	2026-04-07T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79473
published_at	2026-04-08T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79481
published_at	2026-04-09T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79503
published_at	2026-04-11T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79486
published_at	2026-04-12T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79434
published_at	2026-04-02T12:55:00Z

value	0.01269
scoring_system	epss
scoring_elements	0.79458
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6476

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kb.isc.org/docs/cve-2019-6476
reference_id
reference_type
scores
url	https://kb.isc.org/docs/cve-2019-6476

reference_url	https://security.netapp.com/advisory/ntap-20191024-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191024-0004/

reference_url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K42238532?utm_source=f5support&amp%3Butm_medium=RSS

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1762957
reference_id	1762957
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1762957

reference_url

reference_id

AVG-1056

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::
reference_id	cpe:2.3:a:isc:bind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind::::::::

reference_url

reference_id

CVE-2019-6476

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.14.7-1
purl	pkg:alpm/archlinux/bind@9.14.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.7-1

aliases CVE-2019-6476

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cufc-v1hn-jbdn

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.14.7-1

pkg:alpm/archlinux/bind@9.16.2-2

alpm

archlinux

bind

9.16.2-2

true

9.16.4-1

9.20.9-1

url VCID-e5ez-2bba-zke3

vulnerability_id VCID-e5ez-2bba-zke3

summary security update

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8617

reference_id

reference_type

scores

value	0.89736
scoring_system	epss
scoring_elements	0.99565
published_at	2026-04-07T12:55:00Z

value	0.89736
scoring_system	epss
scoring_elements	0.99566
published_at	2026-04-08T12:55:00Z

value	0.89827
scoring_system	epss
scoring_elements	0.99567
published_at	2026-04-04T12:55:00Z

value	0.92629
scoring_system	epss
scoring_elements	0.99745
published_at	2026-04-13T12:55:00Z

value	0.92629
scoring_system	epss
scoring_elements	0.99746
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1836124
reference_id	1836124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1836124

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939
reference_id	961939
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939

reference_url	https://security.archlinux.org/ASA-202005-13
reference_id	ASA-202005-13
reference_type
scores
url	https://security.archlinux.org/ASA-202005-13

reference_url

reference_id

AVG-1165

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json

reference_url	https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py
reference_id	CVE-2020-8617
reference_type	exploit
scores
url	https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py
reference_id	CVE-2020-8617
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py

reference_url	https://access.redhat.com/errata/RHSA-2020:2338
reference_id	RHSA-2020:2338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2338

reference_url	https://access.redhat.com/errata/RHSA-2020:2344
reference_id	RHSA-2020:2344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2344

reference_url	https://access.redhat.com/errata/RHSA-2020:2345
reference_id	RHSA-2020:2345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2345

reference_url	https://access.redhat.com/errata/RHSA-2020:2383
reference_id	RHSA-2020:2383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2383

reference_url	https://access.redhat.com/errata/RHSA-2020:2404
reference_id	RHSA-2020:2404
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2404

reference_url	https://access.redhat.com/errata/RHSA-2020:2893
reference_id	RHSA-2020:2893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2893

reference_url	https://access.redhat.com/errata/RHSA-2020:3378
reference_id	RHSA-2020:3378
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3378

reference_url	https://access.redhat.com/errata/RHSA-2020:3379
reference_id	RHSA-2020:3379
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3379

reference_url	https://access.redhat.com/errata/RHSA-2020:3433
reference_id	RHSA-2020:3433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3433

reference_url	https://access.redhat.com/errata/RHSA-2020:3470
reference_id	RHSA-2020:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3470

reference_url	https://access.redhat.com/errata/RHSA-2020:3471
reference_id	RHSA-2020:3471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3471

reference_url	https://access.redhat.com/errata/RHSA-2020:3475
reference_id	RHSA-2020:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3475

reference_url	https://usn.ubuntu.com/4365-1/
reference_id	USN-4365-1
reference_type
scores
url	https://usn.ubuntu.com/4365-1/

reference_url	https://usn.ubuntu.com/4365-2/
reference_id	USN-4365-2
reference_type
scores
url	https://usn.ubuntu.com/4365-2/

fixed_packages

url pkg:alpm/archlinux/bind@9.16.3-1

purl pkg:alpm/archlinux/bind@9.16.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqmy-rkkq-mkgj

vulnerability	VCID-qknq-wu95-6ba7

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.3-1

aliases CVE-2020-8617

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e5ez-2bba-zke3

url VCID-tg21-xnsh-t7c3

vulnerability_id VCID-tg21-xnsh-t7c3

summary security update

references

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8616

reference_id

reference_type

scores

value	0.1534
scoring_system	epss
scoring_elements	0.946
published_at	2026-04-01T12:55:00Z

value	0.1534
scoring_system	epss
scoring_elements	0.94615
published_at	2026-04-04T12:55:00Z

value	0.1534
scoring_system	epss
scoring_elements	0.94608
published_at	2026-04-02T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.9537
published_at	2026-04-08T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95373
published_at	2026-04-09T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95377
published_at	2026-04-12T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95363
published_at	2026-04-07T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.9538
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1836118
reference_id	1836118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1836118

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939
reference_id	961939
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939

reference_url	https://security.archlinux.org/ASA-202005-13
reference_id	ASA-202005-13
reference_type
scores
url	https://security.archlinux.org/ASA-202005-13

reference_url

reference_id

AVG-1165

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json

reference_url	https://access.redhat.com/errata/RHSA-2020:2338
reference_id	RHSA-2020:2338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2338

reference_url	https://access.redhat.com/errata/RHSA-2020:2344
reference_id	RHSA-2020:2344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2344

reference_url	https://access.redhat.com/errata/RHSA-2020:2345
reference_id	RHSA-2020:2345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2345

reference_url	https://access.redhat.com/errata/RHSA-2020:2383
reference_id	RHSA-2020:2383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2383

reference_url	https://access.redhat.com/errata/RHSA-2020:2404
reference_id	RHSA-2020:2404
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2404

reference_url	https://access.redhat.com/errata/RHSA-2020:3272
reference_id	RHSA-2020:3272
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3272

reference_url	https://access.redhat.com/errata/RHSA-2020:3378
reference_id	RHSA-2020:3378
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3378

reference_url	https://access.redhat.com/errata/RHSA-2020:3379
reference_id	RHSA-2020:3379
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3379

reference_url	https://access.redhat.com/errata/RHSA-2020:3433
reference_id	RHSA-2020:3433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3433

reference_url	https://access.redhat.com/errata/RHSA-2020:3470
reference_id	RHSA-2020:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3470

reference_url	https://access.redhat.com/errata/RHSA-2020:3471
reference_id	RHSA-2020:3471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3471

reference_url	https://access.redhat.com/errata/RHSA-2020:3475
reference_id	RHSA-2020:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3475

reference_url	https://usn.ubuntu.com/4365-1/
reference_id	USN-4365-1
reference_type
scores
url	https://usn.ubuntu.com/4365-1/

reference_url	https://usn.ubuntu.com/4365-2/
reference_id	USN-4365-2
reference_type
scores
url	https://usn.ubuntu.com/4365-2/

fixed_packages

url pkg:alpm/archlinux/bind@9.16.3-1

purl pkg:alpm/archlinux/bind@9.16.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqmy-rkkq-mkgj

vulnerability	VCID-qknq-wu95-6ba7

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.3-1

aliases CVE-2020-8616

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tg21-xnsh-t7c3

10.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.2-2

pkg:alpm/archlinux/bind@9.16.3-1

alpm

archlinux

bind

9.16.3-1

true

9.16.4-1

9.20.9-1

url VCID-gqmy-rkkq-mkgj

vulnerability_id VCID-gqmy-rkkq-mkgj

summary bind: A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8618

reference_id

reference_type

scores

value	0.01297
scoring_system	epss
scoring_elements	0.7965
published_at	2026-04-01T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79698
published_at	2026-04-13T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79721
published_at	2026-04-11T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79704
published_at	2026-04-12T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79656
published_at	2026-04-02T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79678
published_at	2026-04-04T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79664
published_at	2026-04-07T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79692
published_at	2026-04-08T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.797
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847242
reference_id	1847242
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847242

reference_url	https://security.archlinux.org/ASA-202006-13
reference_id	ASA-202006-13
reference_type
scores
url	https://security.archlinux.org/ASA-202006-13

reference_url

reference_id

AVG-1191

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json

reference_url	https://usn.ubuntu.com/4399-1/
reference_id	USN-4399-1
reference_type
scores
url	https://usn.ubuntu.com/4399-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.4-1
purl	pkg:alpm/archlinux/bind@9.16.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.4-1

aliases CVE-2020-8618

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqmy-rkkq-mkgj

url VCID-qknq-wu95-6ba7

vulnerability_id VCID-qknq-wu95-6ba7

summary bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8619

reference_id

reference_type

scores

value	0.06931
scoring_system	epss
scoring_elements	0.91367
published_at	2026-04-01T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91417
published_at	2026-04-13T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91415
published_at	2026-04-11T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91418
published_at	2026-04-12T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91373
published_at	2026-04-02T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91383
published_at	2026-04-04T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91391
published_at	2026-04-07T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91403
published_at	2026-04-08T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91409
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847244
reference_id	1847244
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847244

reference_url	https://security.archlinux.org/ASA-202006-13
reference_id	ASA-202006-13
reference_type
scores
url	https://security.archlinux.org/ASA-202006-13

reference_url

reference_id

AVG-1191

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json

reference_url	https://access.redhat.com/errata/RHSA-2020:4500
reference_id	RHSA-2020:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4500

reference_url	https://usn.ubuntu.com/4399-1/
reference_id	USN-4399-1
reference_type
scores
url	https://usn.ubuntu.com/4399-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.4-1
purl	pkg:alpm/archlinux/bind@9.16.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.4-1

aliases CVE-2020-8619

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qknq-wu95-6ba7

url VCID-e5ez-2bba-zke3

vulnerability_id VCID-e5ez-2bba-zke3

summary security update

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8617

reference_id

reference_type

scores

value	0.89736
scoring_system	epss
scoring_elements	0.99565
published_at	2026-04-07T12:55:00Z

value	0.89736
scoring_system	epss
scoring_elements	0.99566
published_at	2026-04-08T12:55:00Z

value	0.89827
scoring_system	epss
scoring_elements	0.99567
published_at	2026-04-04T12:55:00Z

value	0.92629
scoring_system	epss
scoring_elements	0.99745
published_at	2026-04-13T12:55:00Z

value	0.92629
scoring_system	epss
scoring_elements	0.99746
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1836124
reference_id	1836124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1836124

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939
reference_id	961939
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939

reference_url	https://security.archlinux.org/ASA-202005-13
reference_id	ASA-202005-13
reference_type
scores
url	https://security.archlinux.org/ASA-202005-13

reference_url

reference_id

AVG-1165

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json

reference_url	https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py
reference_id	CVE-2020-8617
reference_type	exploit
scores
url	https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py
reference_id	CVE-2020-8617
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py

reference_url	https://access.redhat.com/errata/RHSA-2020:2338
reference_id	RHSA-2020:2338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2338

reference_url	https://access.redhat.com/errata/RHSA-2020:2344
reference_id	RHSA-2020:2344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2344

reference_url	https://access.redhat.com/errata/RHSA-2020:2345
reference_id	RHSA-2020:2345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2345

reference_url	https://access.redhat.com/errata/RHSA-2020:2383
reference_id	RHSA-2020:2383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2383

reference_url	https://access.redhat.com/errata/RHSA-2020:2404
reference_id	RHSA-2020:2404
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2404

reference_url	https://access.redhat.com/errata/RHSA-2020:2893
reference_id	RHSA-2020:2893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2893

reference_url	https://access.redhat.com/errata/RHSA-2020:3378
reference_id	RHSA-2020:3378
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3378

reference_url	https://access.redhat.com/errata/RHSA-2020:3379
reference_id	RHSA-2020:3379
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3379

reference_url	https://access.redhat.com/errata/RHSA-2020:3433
reference_id	RHSA-2020:3433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3433

reference_url	https://access.redhat.com/errata/RHSA-2020:3470
reference_id	RHSA-2020:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3470

reference_url	https://access.redhat.com/errata/RHSA-2020:3471
reference_id	RHSA-2020:3471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3471

reference_url	https://access.redhat.com/errata/RHSA-2020:3475
reference_id	RHSA-2020:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3475

reference_url	https://usn.ubuntu.com/4365-1/
reference_id	USN-4365-1
reference_type
scores
url	https://usn.ubuntu.com/4365-1/

reference_url	https://usn.ubuntu.com/4365-2/
reference_id	USN-4365-2
reference_type
scores
url	https://usn.ubuntu.com/4365-2/

fixed_packages

url pkg:alpm/archlinux/bind@9.16.3-1

purl pkg:alpm/archlinux/bind@9.16.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqmy-rkkq-mkgj

vulnerability	VCID-qknq-wu95-6ba7

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.3-1

aliases CVE-2020-8617

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e5ez-2bba-zke3

url VCID-tg21-xnsh-t7c3

vulnerability_id VCID-tg21-xnsh-t7c3

summary security update

references

reference_url

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8616

reference_id

reference_type

scores

value	0.1534
scoring_system	epss
scoring_elements	0.946
published_at	2026-04-01T12:55:00Z

value	0.1534
scoring_system	epss
scoring_elements	0.94615
published_at	2026-04-04T12:55:00Z

value	0.1534
scoring_system	epss
scoring_elements	0.94608
published_at	2026-04-02T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.9537
published_at	2026-04-08T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95373
published_at	2026-04-09T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95377
published_at	2026-04-12T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.95363
published_at	2026-04-07T12:55:00Z

value	0.19393
scoring_system	epss
scoring_elements	0.9538
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1836118
reference_id	1836118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1836118

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939
reference_id	961939
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939

reference_url	https://security.archlinux.org/ASA-202005-13
reference_id	ASA-202005-13
reference_type
scores
url	https://security.archlinux.org/ASA-202005-13

reference_url

reference_id

AVG-1165

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json

reference_url	https://access.redhat.com/errata/RHSA-2020:2338
reference_id	RHSA-2020:2338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2338

reference_url	https://access.redhat.com/errata/RHSA-2020:2344
reference_id	RHSA-2020:2344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2344

reference_url	https://access.redhat.com/errata/RHSA-2020:2345
reference_id	RHSA-2020:2345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2345

reference_url	https://access.redhat.com/errata/RHSA-2020:2383
reference_id	RHSA-2020:2383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2383

reference_url	https://access.redhat.com/errata/RHSA-2020:2404
reference_id	RHSA-2020:2404
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2404

reference_url	https://access.redhat.com/errata/RHSA-2020:3272
reference_id	RHSA-2020:3272
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3272

reference_url	https://access.redhat.com/errata/RHSA-2020:3378
reference_id	RHSA-2020:3378
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3378

reference_url	https://access.redhat.com/errata/RHSA-2020:3379
reference_id	RHSA-2020:3379
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3379

reference_url	https://access.redhat.com/errata/RHSA-2020:3433
reference_id	RHSA-2020:3433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3433

reference_url	https://access.redhat.com/errata/RHSA-2020:3470
reference_id	RHSA-2020:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3470

reference_url	https://access.redhat.com/errata/RHSA-2020:3471
reference_id	RHSA-2020:3471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3471

reference_url	https://access.redhat.com/errata/RHSA-2020:3475
reference_id	RHSA-2020:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3475

reference_url	https://usn.ubuntu.com/4365-1/
reference_id	USN-4365-1
reference_type
scores
url	https://usn.ubuntu.com/4365-1/

reference_url	https://usn.ubuntu.com/4365-2/
reference_id	USN-4365-2
reference_type
scores
url	https://usn.ubuntu.com/4365-2/

fixed_packages

url pkg:alpm/archlinux/bind@9.16.3-1

purl pkg:alpm/archlinux/bind@9.16.3-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqmy-rkkq-mkgj

vulnerability	VCID-qknq-wu95-6ba7

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.3-1

aliases CVE-2020-8616

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tg21-xnsh-t7c3

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.3-1

pkg:alpm/archlinux/bind@9.16.4-1

alpm

archlinux

bind

9.16.4-1

false

9.16.12-1

9.20.9-1

url VCID-gqmy-rkkq-mkgj

vulnerability_id VCID-gqmy-rkkq-mkgj

summary bind: A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8618

reference_id

reference_type

scores

value	0.01297
scoring_system	epss
scoring_elements	0.7965
published_at	2026-04-01T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79698
published_at	2026-04-13T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79721
published_at	2026-04-11T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79704
published_at	2026-04-12T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79656
published_at	2026-04-02T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79678
published_at	2026-04-04T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79664
published_at	2026-04-07T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.79692
published_at	2026-04-08T12:55:00Z

value	0.01297
scoring_system	epss
scoring_elements	0.797
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847242
reference_id	1847242
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847242

reference_url	https://security.archlinux.org/ASA-202006-13
reference_id	ASA-202006-13
reference_type
scores
url	https://security.archlinux.org/ASA-202006-13

reference_url

reference_id

AVG-1191

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json

reference_url	https://usn.ubuntu.com/4399-1/
reference_id	USN-4399-1
reference_type
scores
url	https://usn.ubuntu.com/4399-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.4-1
purl	pkg:alpm/archlinux/bind@9.16.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.4-1

aliases CVE-2020-8618

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqmy-rkkq-mkgj

url VCID-qknq-wu95-6ba7

vulnerability_id VCID-qknq-wu95-6ba7

summary bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8619

reference_id

reference_type

scores

value	0.06931
scoring_system	epss
scoring_elements	0.91367
published_at	2026-04-01T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91417
published_at	2026-04-13T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91415
published_at	2026-04-11T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91418
published_at	2026-04-12T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91373
published_at	2026-04-02T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91383
published_at	2026-04-04T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91391
published_at	2026-04-07T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91403
published_at	2026-04-08T12:55:00Z

value	0.06931
scoring_system	epss
scoring_elements	0.91409
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1847244
reference_id	1847244
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1847244

reference_url	https://security.archlinux.org/ASA-202006-13
reference_id	ASA-202006-13
reference_type
scores
url	https://security.archlinux.org/ASA-202006-13

reference_url

reference_id

AVG-1191

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json

reference_url	https://access.redhat.com/errata/RHSA-2020:4500
reference_id	RHSA-2020:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4500

reference_url	https://usn.ubuntu.com/4399-1/
reference_id	USN-4399-1
reference_type
scores
url	https://usn.ubuntu.com/4399-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.4-1
purl	pkg:alpm/archlinux/bind@9.16.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.4-1

aliases CVE-2020-8619

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qknq-wu95-6ba7

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.4-1

pkg:alpm/archlinux/bind@9.16.11-1

alpm

archlinux

bind

9.16.11-1

true

9.16.12-1

9.20.9-1

url VCID-4nrz-wm5t-z3g5

vulnerability_id VCID-4nrz-wm5t-z3g5

summary bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8625

reference_id

reference_type

scores

value	0.26304
scoring_system	epss
scoring_elements	0.96269
published_at	2026-04-01T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96308
published_at	2026-04-13T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96301
published_at	2026-04-09T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96305
published_at	2026-04-12T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96276
published_at	2026-04-02T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96284
published_at	2026-04-04T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96288
published_at	2026-04-07T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96297
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8625

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1928486
reference_id	1928486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1928486

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004
reference_id	983004
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004

reference_url	https://security.archlinux.org/ASA-202102-40
reference_id	ASA-202102-40
reference_type
scores
url	https://security.archlinux.org/ASA-202102-40

reference_url

reference_id

AVG-1589

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json

reference_url	https://access.redhat.com/errata/RHSA-2021:0669
reference_id	RHSA-2021:0669
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0669

reference_url	https://access.redhat.com/errata/RHSA-2021:0670
reference_id	RHSA-2021:0670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0670

reference_url	https://access.redhat.com/errata/RHSA-2021:0671
reference_id	RHSA-2021:0671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0671

reference_url	https://access.redhat.com/errata/RHSA-2021:0672
reference_id	RHSA-2021:0672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0672

reference_url	https://access.redhat.com/errata/RHSA-2021:0691
reference_id	RHSA-2021:0691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0691

reference_url	https://access.redhat.com/errata/RHSA-2021:0692
reference_id	RHSA-2021:0692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0692

reference_url	https://access.redhat.com/errata/RHSA-2021:0693
reference_id	RHSA-2021:0693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0693

reference_url	https://access.redhat.com/errata/RHSA-2021:0694
reference_id	RHSA-2021:0694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0694

reference_url	https://access.redhat.com/errata/RHSA-2021:0727
reference_id	RHSA-2021:0727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0727

reference_url	https://access.redhat.com/errata/RHSA-2021:0922
reference_id	RHSA-2021:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0922

reference_url	https://usn.ubuntu.com/4737-1/
reference_id	USN-4737-1
reference_type
scores
url	https://usn.ubuntu.com/4737-1/

reference_url	https://usn.ubuntu.com/4737-2/
reference_id	USN-4737-2
reference_type
scores
url	https://usn.ubuntu.com/4737-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.12-1
purl	pkg:alpm/archlinux/bind@9.16.12-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.12-1

aliases CVE-2020-8625

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4nrz-wm5t-z3g5

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.11-1

pkg:alpm/archlinux/bind@9.16.12-1

alpm

archlinux

bind

9.16.12-1

false

9.16.15-1

9.20.9-1

url VCID-4nrz-wm5t-z3g5

vulnerability_id VCID-4nrz-wm5t-z3g5

summary bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8625

reference_id

reference_type

scores

value	0.26304
scoring_system	epss
scoring_elements	0.96269
published_at	2026-04-01T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96308
published_at	2026-04-13T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96301
published_at	2026-04-09T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96305
published_at	2026-04-12T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96276
published_at	2026-04-02T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96284
published_at	2026-04-04T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96288
published_at	2026-04-07T12:55:00Z

value	0.26304
scoring_system	epss
scoring_elements	0.96297
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8625

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1928486
reference_id	1928486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1928486

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004
reference_id	983004
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004

reference_url	https://security.archlinux.org/ASA-202102-40
reference_id	ASA-202102-40
reference_type
scores
url	https://security.archlinux.org/ASA-202102-40

reference_url

reference_id

AVG-1589

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json

reference_url	https://access.redhat.com/errata/RHSA-2021:0669
reference_id	RHSA-2021:0669
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0669

reference_url	https://access.redhat.com/errata/RHSA-2021:0670
reference_id	RHSA-2021:0670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0670

reference_url	https://access.redhat.com/errata/RHSA-2021:0671
reference_id	RHSA-2021:0671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0671

reference_url	https://access.redhat.com/errata/RHSA-2021:0672
reference_id	RHSA-2021:0672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0672

reference_url	https://access.redhat.com/errata/RHSA-2021:0691
reference_id	RHSA-2021:0691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0691

reference_url	https://access.redhat.com/errata/RHSA-2021:0692
reference_id	RHSA-2021:0692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0692

reference_url	https://access.redhat.com/errata/RHSA-2021:0693
reference_id	RHSA-2021:0693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0693

reference_url	https://access.redhat.com/errata/RHSA-2021:0694
reference_id	RHSA-2021:0694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0694

reference_url	https://access.redhat.com/errata/RHSA-2021:0727
reference_id	RHSA-2021:0727
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0727

reference_url	https://access.redhat.com/errata/RHSA-2021:0922
reference_id	RHSA-2021:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0922

reference_url	https://usn.ubuntu.com/4737-1/
reference_id	USN-4737-1
reference_type
scores
url	https://usn.ubuntu.com/4737-1/

reference_url	https://usn.ubuntu.com/4737-2/
reference_id	USN-4737-2
reference_type
scores
url	https://usn.ubuntu.com/4737-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.12-1
purl	pkg:alpm/archlinux/bind@9.16.12-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.12-1

aliases CVE-2020-8625

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4nrz-wm5t-z3g5

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.12-1

pkg:alpm/archlinux/bind@9.16.13-1

alpm

archlinux

bind

9.16.13-1

true

9.16.15-1

9.20.9-1

url VCID-7kh5-ba54-z3gy

vulnerability_id VCID-7kh5-ba54-z3gy

summary bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25215

reference_id

reference_type

scores

value	0.01493
scoring_system	epss
scoring_elements	0.81002
published_at	2026-04-01T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81066
published_at	2026-04-13T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81086
published_at	2026-04-11T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81073
published_at	2026-04-12T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81011
published_at	2026-04-02T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81035
published_at	2026-04-04T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81034
published_at	2026-04-07T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81062
published_at	2026-04-08T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81068
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953857
reference_id	1953857
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953857

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
reference_id	987742
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json

reference_url	https://access.redhat.com/errata/RHSA-2021:1468
reference_id	RHSA-2021:1468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1468

reference_url	https://access.redhat.com/errata/RHSA-2021:1469
reference_id	RHSA-2021:1469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1469

reference_url	https://access.redhat.com/errata/RHSA-2021:1475
reference_id	RHSA-2021:1475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1475

reference_url	https://access.redhat.com/errata/RHSA-2021:1476
reference_id	RHSA-2021:1476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1476

reference_url	https://access.redhat.com/errata/RHSA-2021:1477
reference_id	RHSA-2021:1477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1477

reference_url	https://access.redhat.com/errata/RHSA-2021:1478
reference_id	RHSA-2021:1478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1478

reference_url	https://access.redhat.com/errata/RHSA-2021:1479
reference_id	RHSA-2021:1479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1479

reference_url	https://access.redhat.com/errata/RHSA-2021:1989
reference_id	RHSA-2021:1989
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1989

reference_url	https://access.redhat.com/errata/RHSA-2021:2024
reference_id	RHSA-2021:2024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2024

reference_url	https://access.redhat.com/errata/RHSA-2021:2028
reference_id	RHSA-2021:2028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2028

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25215

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kh5-ba54-z3gy

url VCID-pjk7-r6yh-ufak

vulnerability_id VCID-pjk7-r6yh-ufak

summary bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25214

reference_id

reference_type

scores

value	0.00751
scoring_system	epss
scoring_elements	0.73117
published_at	2026-04-01T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73171
published_at	2026-04-13T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73196
published_at	2026-04-11T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73177
published_at	2026-04-12T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73127
published_at	2026-04-02T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73148
published_at	2026-04-04T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73123
published_at	2026-04-07T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73158
published_at	2026-04-08T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73172
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953849
reference_id	1953849
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953849

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741
reference_id	987741
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json

reference_url	https://access.redhat.com/errata/RHSA-2021:3325
reference_id	RHSA-2021:3325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3325

reference_url	https://access.redhat.com/errata/RHSA-2021:4384
reference_id	RHSA-2021:4384
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4384

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25214

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjk7-r6yh-ufak

url VCID-rd8n-tcus-zyg3

vulnerability_id VCID-rd8n-tcus-zyg3

summary bind: Vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25216

reference_id

reference_type

scores

value	0.27744
scoring_system	epss
scoring_elements	0.96416
published_at	2026-04-01T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.9645
published_at	2026-04-13T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96443
published_at	2026-04-09T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96447
published_at	2026-04-12T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96423
published_at	2026-04-02T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96427
published_at	2026-04-04T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96431
published_at	2026-04-07T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96439
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25216

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953872
reference_id	1953872
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953872

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743
reference_id	987743
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25216

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rd8n-tcus-zyg3

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.13-1

pkg:alpm/archlinux/bind@9.16.15-1

alpm

archlinux

bind

9.16.15-1

false

9.16.20-1

9.20.9-1

url VCID-7kh5-ba54-z3gy

vulnerability_id VCID-7kh5-ba54-z3gy

summary bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25215

reference_id

reference_type

scores

value	0.01493
scoring_system	epss
scoring_elements	0.81002
published_at	2026-04-01T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81066
published_at	2026-04-13T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81086
published_at	2026-04-11T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81073
published_at	2026-04-12T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81011
published_at	2026-04-02T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81035
published_at	2026-04-04T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81034
published_at	2026-04-07T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81062
published_at	2026-04-08T12:55:00Z

value	0.01493
scoring_system	epss
scoring_elements	0.81068
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953857
reference_id	1953857
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953857

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
reference_id	987742
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json

reference_url	https://access.redhat.com/errata/RHSA-2021:1468
reference_id	RHSA-2021:1468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1468

reference_url	https://access.redhat.com/errata/RHSA-2021:1469
reference_id	RHSA-2021:1469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1469

reference_url	https://access.redhat.com/errata/RHSA-2021:1475
reference_id	RHSA-2021:1475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1475

reference_url	https://access.redhat.com/errata/RHSA-2021:1476
reference_id	RHSA-2021:1476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1476

reference_url	https://access.redhat.com/errata/RHSA-2021:1477
reference_id	RHSA-2021:1477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1477

reference_url	https://access.redhat.com/errata/RHSA-2021:1478
reference_id	RHSA-2021:1478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1478

reference_url	https://access.redhat.com/errata/RHSA-2021:1479
reference_id	RHSA-2021:1479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1479

reference_url	https://access.redhat.com/errata/RHSA-2021:1989
reference_id	RHSA-2021:1989
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1989

reference_url	https://access.redhat.com/errata/RHSA-2021:2024
reference_id	RHSA-2021:2024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2024

reference_url	https://access.redhat.com/errata/RHSA-2021:2028
reference_id	RHSA-2021:2028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2028

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25215

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kh5-ba54-z3gy

url VCID-pjk7-r6yh-ufak

vulnerability_id VCID-pjk7-r6yh-ufak

summary bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25214

reference_id

reference_type

scores

value	0.00751
scoring_system	epss
scoring_elements	0.73117
published_at	2026-04-01T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73171
published_at	2026-04-13T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73196
published_at	2026-04-11T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73177
published_at	2026-04-12T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73127
published_at	2026-04-02T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73148
published_at	2026-04-04T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73123
published_at	2026-04-07T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73158
published_at	2026-04-08T12:55:00Z

value	0.00751
scoring_system	epss
scoring_elements	0.73172
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953849
reference_id	1953849
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953849

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741
reference_id	987741
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json

reference_url	https://access.redhat.com/errata/RHSA-2021:3325
reference_id	RHSA-2021:3325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3325

reference_url	https://access.redhat.com/errata/RHSA-2021:4384
reference_id	RHSA-2021:4384
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4384

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25214

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjk7-r6yh-ufak

url VCID-rd8n-tcus-zyg3

vulnerability_id VCID-rd8n-tcus-zyg3

summary bind: Vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25216

reference_id

reference_type

scores

value	0.27744
scoring_system	epss
scoring_elements	0.96416
published_at	2026-04-01T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.9645
published_at	2026-04-13T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96443
published_at	2026-04-09T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96447
published_at	2026-04-12T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96423
published_at	2026-04-02T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96427
published_at	2026-04-04T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96431
published_at	2026-04-07T12:55:00Z

value	0.27744
scoring_system	epss
scoring_elements	0.96439
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25216

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1953872
reference_id	1953872
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1953872

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743
reference_id	987743
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743

reference_url	https://security.archlinux.org/ASA-202104-10
reference_id	ASA-202104-10
reference_type
scores
url	https://security.archlinux.org/ASA-202104-10

reference_url

reference_id

AVG-1890

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json

reference_url	https://usn.ubuntu.com/4929-1/
reference_id	USN-4929-1
reference_type
scores
url	https://usn.ubuntu.com/4929-1/

reference_url	https://usn.ubuntu.com/7739-1/
reference_id	USN-7739-1
reference_type
scores
url	https://usn.ubuntu.com/7739-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.15-1
purl	pkg:alpm/archlinux/bind@9.16.15-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

aliases CVE-2021-25216

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rd8n-tcus-zyg3

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.15-1

pkg:alpm/archlinux/bind@9.16.19-1

alpm

archlinux

bind

9.16.19-1

true

9.16.20-1

9.20.9-1

url VCID-x9g2-pnfe-qyhh

vulnerability_id VCID-x9g2-pnfe-qyhh

summary bind: Too strict assertion check could be triggered when responses require UDP fragmentation if RRL is in use

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25218

reference_id

reference_type

scores

value	0.00584
scoring_system	epss
scoring_elements	0.68945
published_at	2026-04-01T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.6901
published_at	2026-04-13T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69054
published_at	2026-04-11T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.6904
published_at	2026-04-12T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68963
published_at	2026-04-02T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68983
published_at	2026-04-04T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68962
published_at	2026-04-07T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69013
published_at	2026-04-08T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69032
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25218

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1995312
reference_id	1995312
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1995312

reference_url

reference_id

AVG-2303

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.20-1
purl	pkg:alpm/archlinux/bind@9.16.20-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.20-1

aliases CVE-2021-25218

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9g2-pnfe-qyhh

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.19-1

pkg:alpm/archlinux/bind@9.16.20-1

alpm

archlinux

bind

9.16.20-1

false

9.16.22-1

9.20.9-1

url VCID-x9g2-pnfe-qyhh

vulnerability_id VCID-x9g2-pnfe-qyhh

summary bind: Too strict assertion check could be triggered when responses require UDP fragmentation if RRL is in use

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25218

reference_id

reference_type

scores

value	0.00584
scoring_system	epss
scoring_elements	0.68945
published_at	2026-04-01T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.6901
published_at	2026-04-13T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69054
published_at	2026-04-11T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.6904
published_at	2026-04-12T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68963
published_at	2026-04-02T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68983
published_at	2026-04-04T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.68962
published_at	2026-04-07T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69013
published_at	2026-04-08T12:55:00Z

value	0.00584
scoring_system	epss
scoring_elements	0.69032
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25218

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1995312
reference_id	1995312
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1995312

reference_url

reference_id

AVG-2303

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.20-1
purl	pkg:alpm/archlinux/bind@9.16.20-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.20-1

aliases CVE-2021-25218

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9g2-pnfe-qyhh

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.20-1

pkg:alpm/archlinux/bind@9.16.21-1

alpm

archlinux

bind

9.16.21-1

true

9.16.22-1

9.20.9-1

url VCID-8k3p-761z-f3e3

vulnerability_id VCID-8k3p-761z-f3e3

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25219

reference_id

reference_type

scores

value	0.00957
scoring_system	epss
scoring_elements	0.76379
published_at	2026-04-01T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76394
published_at	2026-04-07T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76383
published_at	2026-04-02T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76412
published_at	2026-04-04T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76427
published_at	2026-04-08T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.7644
published_at	2026-04-09T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77425
published_at	2026-04-12T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77421
published_at	2026-04-13T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77445
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25219

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2017636
reference_id	2017636
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2017636

reference_url	https://security.archlinux.org/ASA-202110-12
reference_id	ASA-202110-12
reference_type
scores
url	https://security.archlinux.org/ASA-202110-12

reference_url

reference_id

AVG-2502

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:2092
reference_id	RHSA-2022:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2092

reference_url	https://usn.ubuntu.com/5126-1/
reference_id	USN-5126-1
reference_type
scores
url	https://usn.ubuntu.com/5126-1/

reference_url	https://usn.ubuntu.com/5126-2/
reference_id	USN-5126-2
reference_type
scores
url	https://usn.ubuntu.com/5126-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.22-1
purl	pkg:alpm/archlinux/bind@9.16.22-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.22-1

aliases CVE-2021-25219

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8k3p-761z-f3e3

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.21-1

pkg:alpm/archlinux/bind@9.16.22-1

alpm

archlinux

bind

9.16.22-1

false

9.18.1-1

9.20.9-1

url VCID-8k3p-761z-f3e3

vulnerability_id VCID-8k3p-761z-f3e3

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25219

reference_id

reference_type

scores

value	0.00957
scoring_system	epss
scoring_elements	0.76379
published_at	2026-04-01T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76394
published_at	2026-04-07T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76383
published_at	2026-04-02T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76412
published_at	2026-04-04T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.76427
published_at	2026-04-08T12:55:00Z

value	0.00957
scoring_system	epss
scoring_elements	0.7644
published_at	2026-04-09T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77425
published_at	2026-04-12T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77421
published_at	2026-04-13T12:55:00Z

value	0.01039
scoring_system	epss
scoring_elements	0.77445
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25219

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2017636
reference_id	2017636
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2017636

reference_url	https://security.archlinux.org/ASA-202110-12
reference_id	ASA-202110-12
reference_type
scores
url	https://security.archlinux.org/ASA-202110-12

reference_url

reference_id

AVG-2502

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:2092
reference_id	RHSA-2022:2092
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2092

reference_url	https://usn.ubuntu.com/5126-1/
reference_id	USN-5126-1
reference_type
scores
url	https://usn.ubuntu.com/5126-1/

reference_url	https://usn.ubuntu.com/5126-2/
reference_id	USN-5126-2
reference_type
scores
url	https://usn.ubuntu.com/5126-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.16.22-1
purl	pkg:alpm/archlinux/bind@9.16.22-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.22-1

aliases CVE-2021-25219

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8k3p-761z-f3e3

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.16.22-1

pkg:alpm/archlinux/bind@9.18.0-1

alpm

archlinux

bind

9.18.0-1

true

9.18.1-1

9.20.9-1

url VCID-67zf-a3r9-wqcv

vulnerability_id VCID-67zf-a3r9-wqcv

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25220

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28459
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2851
published_at	2026-04-08T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2855
published_at	2026-04-09T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28551
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28509
published_at	2026-04-12T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29013
published_at	2026-04-07T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29079
published_at	2026-04-01T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29153
published_at	2026-04-02T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29202
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064512
reference_id	2064512
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064512

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:7643
reference_id	RHSA-2022:7643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7643

reference_url	https://access.redhat.com/errata/RHSA-2022:7790
reference_id	RHSA-2022:7790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7790

reference_url	https://access.redhat.com/errata/RHSA-2022:8068
reference_id	RHSA-2022:8068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8068

reference_url	https://access.redhat.com/errata/RHSA-2022:8385
reference_id	RHSA-2022:8385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8385

reference_url	https://access.redhat.com/errata/RHSA-2023:0402
reference_id	RHSA-2023:0402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0402

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2025:21740
reference_id	RHSA-2025:21740
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21740

reference_url	https://access.redhat.com/errata/RHSA-2025:21741
reference_id	RHSA-2025:21741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21741

reference_url	https://access.redhat.com/errata/RHSA-2025:21889
reference_id	RHSA-2025:21889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21889

reference_url	https://access.redhat.com/errata/RHSA-2025:22168
reference_id	RHSA-2025:22168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22168

reference_url	https://access.redhat.com/errata/RHSA-2025:23414
reference_id	RHSA-2025:23414
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23414

reference_url	https://usn.ubuntu.com/5332-1/
reference_id	USN-5332-1
reference_type
scores
url	https://usn.ubuntu.com/5332-1/

reference_url	https://usn.ubuntu.com/5332-2/
reference_id	USN-5332-2
reference_type
scores
url	https://usn.ubuntu.com/5332-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2021-25220

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67zf-a3r9-wqcv

url VCID-b3u2-wjzm-duhc

vulnerability_id VCID-b3u2-wjzm-duhc

summary bind: When chasing DS records, a timed-out or artificially delayed fetch could cause 'named' to crash while resuming a DS lookup

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0667

reference_id

reference_type

scores

value	0.00694
scoring_system	epss
scoring_elements	0.71825
published_at	2026-04-01T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71866
published_at	2026-04-13T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71901
published_at	2026-04-11T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71883
published_at	2026-04-12T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71834
published_at	2026-04-02T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71853
published_at	2026-04-04T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71827
published_at	2026-04-07T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71865
published_at	2026-04-08T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71877
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0667

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064515
reference_id	2064515
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064515

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0667

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3u2-wjzm-duhc

url VCID-x4bu-4ex7-37cd

vulnerability_id VCID-x4bu-4ex7-37cd

summary bind: Lookups involving a DNAME could trigger an assertion failure when 'synth-from-dnssec' was enabled (which is the default)

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0635

reference_id

reference_type

scores

value	0.00781
scoring_system	epss
scoring_elements	0.73649
published_at	2026-04-01T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73697
published_at	2026-04-13T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73724
published_at	2026-04-11T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73706
published_at	2026-04-12T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73658
published_at	2026-04-02T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73682
published_at	2026-04-04T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73654
published_at	2026-04-07T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.7369
published_at	2026-04-08T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73703
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0635

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064514
reference_id	2064514
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064514

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0635

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4bu-4ex7-37cd

url VCID-zgnn-ckqt-43fq

vulnerability_id VCID-zgnn-ckqt-43fq

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0396

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28578
published_at	2026-04-01T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2853
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28623
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28579
published_at	2026-04-12T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28665
published_at	2026-04-02T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2871
published_at	2026-04-04T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28516
published_at	2026-04-07T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28581
published_at	2026-04-08T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28621
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064513
reference_id	2064513
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064513

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:7643
reference_id	RHSA-2022:7643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7643

reference_url	https://access.redhat.com/errata/RHSA-2022:8068
reference_id	RHSA-2022:8068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8068

reference_url	https://usn.ubuntu.com/5332-1/
reference_id	USN-5332-1
reference_type
scores
url	https://usn.ubuntu.com/5332-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0396

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgnn-ckqt-43fq

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.0-1

pkg:alpm/archlinux/bind@9.18.1-1

alpm

archlinux

bind

9.18.1-1

false

9.18.3-1

9.20.9-1

url VCID-67zf-a3r9-wqcv

vulnerability_id VCID-67zf-a3r9-wqcv

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25220

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28459
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2851
published_at	2026-04-08T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2855
published_at	2026-04-09T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28551
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28509
published_at	2026-04-12T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29013
published_at	2026-04-07T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29079
published_at	2026-04-01T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29153
published_at	2026-04-02T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29202
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064512
reference_id	2064512
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064512

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:7643
reference_id	RHSA-2022:7643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7643

reference_url	https://access.redhat.com/errata/RHSA-2022:7790
reference_id	RHSA-2022:7790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7790

reference_url	https://access.redhat.com/errata/RHSA-2022:8068
reference_id	RHSA-2022:8068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8068

reference_url	https://access.redhat.com/errata/RHSA-2022:8385
reference_id	RHSA-2022:8385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8385

reference_url	https://access.redhat.com/errata/RHSA-2023:0402
reference_id	RHSA-2023:0402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0402

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2025:21740
reference_id	RHSA-2025:21740
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21740

reference_url	https://access.redhat.com/errata/RHSA-2025:21741
reference_id	RHSA-2025:21741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21741

reference_url	https://access.redhat.com/errata/RHSA-2025:21889
reference_id	RHSA-2025:21889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21889

reference_url	https://access.redhat.com/errata/RHSA-2025:22168
reference_id	RHSA-2025:22168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22168

reference_url	https://access.redhat.com/errata/RHSA-2025:23414
reference_id	RHSA-2025:23414
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23414

reference_url	https://usn.ubuntu.com/5332-1/
reference_id	USN-5332-1
reference_type
scores
url	https://usn.ubuntu.com/5332-1/

reference_url	https://usn.ubuntu.com/5332-2/
reference_id	USN-5332-2
reference_type
scores
url	https://usn.ubuntu.com/5332-2/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2021-25220

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67zf-a3r9-wqcv

url VCID-b3u2-wjzm-duhc

vulnerability_id VCID-b3u2-wjzm-duhc

summary bind: When chasing DS records, a timed-out or artificially delayed fetch could cause 'named' to crash while resuming a DS lookup

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0667

reference_id

reference_type

scores

value	0.00694
scoring_system	epss
scoring_elements	0.71825
published_at	2026-04-01T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71866
published_at	2026-04-13T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71901
published_at	2026-04-11T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71883
published_at	2026-04-12T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71834
published_at	2026-04-02T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71853
published_at	2026-04-04T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71827
published_at	2026-04-07T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71865
published_at	2026-04-08T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71877
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0667

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064515
reference_id	2064515
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064515

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0667

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3u2-wjzm-duhc

url VCID-x4bu-4ex7-37cd

vulnerability_id VCID-x4bu-4ex7-37cd

summary bind: Lookups involving a DNAME could trigger an assertion failure when 'synth-from-dnssec' was enabled (which is the default)

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0635

reference_id

reference_type

scores

value	0.00781
scoring_system	epss
scoring_elements	0.73649
published_at	2026-04-01T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73697
published_at	2026-04-13T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73724
published_at	2026-04-11T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73706
published_at	2026-04-12T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73658
published_at	2026-04-02T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73682
published_at	2026-04-04T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73654
published_at	2026-04-07T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.7369
published_at	2026-04-08T12:55:00Z

value	0.00781
scoring_system	epss
scoring_elements	0.73703
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0635

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064514
reference_id	2064514
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064514

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0635

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4bu-4ex7-37cd

url VCID-zgnn-ckqt-43fq

vulnerability_id VCID-zgnn-ckqt-43fq

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0396

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28578
published_at	2026-04-01T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2853
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28623
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28579
published_at	2026-04-12T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28665
published_at	2026-04-02T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2871
published_at	2026-04-04T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28516
published_at	2026-04-07T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28581
published_at	2026-04-08T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28621
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064513
reference_id	2064513
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064513

reference_url	https://security.archlinux.org/ASA-202204-5
reference_id	ASA-202204-5
reference_type
scores
url	https://security.archlinux.org/ASA-202204-5

reference_url

reference_id

AVG-2661

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json

reference_url	https://security.gentoo.org/glsa/202210-25
reference_id	GLSA-202210-25
reference_type
scores
url	https://security.gentoo.org/glsa/202210-25

reference_url	https://access.redhat.com/errata/RHSA-2022:7643
reference_id	RHSA-2022:7643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7643

reference_url	https://access.redhat.com/errata/RHSA-2022:8068
reference_id	RHSA-2022:8068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8068

reference_url	https://usn.ubuntu.com/5332-1/
reference_id	USN-5332-1
reference_type
scores
url	https://usn.ubuntu.com/5332-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.1-1
purl	pkg:alpm/archlinux/bind@9.18.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

aliases CVE-2022-0396

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgnn-ckqt-43fq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.1-1

pkg:alpm/archlinux/bind@9.18.2-1

alpm

archlinux

bind

9.18.2-1

true

9.18.3-1

9.20.9-1

url VCID-qhg8-95mf-aufj

vulnerability_id VCID-qhg8-95mf-aufj

summary bind: Destroying a TLS session early causes assertion failure

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1183

reference_id

reference_type

scores

value	0.00392
scoring_system	epss
scoring_elements	0.60098
published_at	2026-04-01T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60175
published_at	2026-04-02T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60201
published_at	2026-04-04T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.6017
published_at	2026-04-07T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-08T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60234
published_at	2026-04-09T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60255
published_at	2026-04-11T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60241
published_at	2026-04-12T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60224
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2087575
reference_id	2087575
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2087575

reference_url

reference_id

AVG-2727

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json

reference_url	https://usn.ubuntu.com/5429-1/
reference_id	USN-5429-1
reference_type
scores
url	https://usn.ubuntu.com/5429-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.3-1
purl	pkg:alpm/archlinux/bind@9.18.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.3-1

aliases CVE-2022-1183

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhg8-95mf-aufj

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.2-1

pkg:alpm/archlinux/bind@9.18.3-1

alpm

archlinux

bind

9.18.3-1

false

9.18.7-1

9.20.9-1

url VCID-qhg8-95mf-aufj

vulnerability_id VCID-qhg8-95mf-aufj

summary bind: Destroying a TLS session early causes assertion failure

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1183

reference_id

reference_type

scores

value	0.00392
scoring_system	epss
scoring_elements	0.60098
published_at	2026-04-01T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60175
published_at	2026-04-02T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60201
published_at	2026-04-04T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.6017
published_at	2026-04-07T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-08T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60234
published_at	2026-04-09T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60255
published_at	2026-04-11T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60241
published_at	2026-04-12T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60224
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2087575
reference_id	2087575
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2087575

reference_url

reference_id

AVG-2727

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json

reference_url	https://usn.ubuntu.com/5429-1/
reference_id	USN-5429-1
reference_type
scores
url	https://usn.ubuntu.com/5429-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.3-1
purl	pkg:alpm/archlinux/bind@9.18.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.3-1

aliases CVE-2022-1183

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhg8-95mf-aufj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.3-1

pkg:alpm/archlinux/bind@9.18.6-1

alpm

archlinux

bind

9.18.6-1

true

9.18.7-1

9.20.9-1

url VCID-hb26-udtw-6uhy

vulnerability_id VCID-hb26-udtw-6uhy

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-38178

reference_id

reference_type

scores

value	0.01421
scoring_system	epss
scoring_elements	0.80593
published_at	2026-04-13T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80545
published_at	2026-04-02T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80567
published_at	2026-04-04T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80559
published_at	2026-04-07T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80588
published_at	2026-04-08T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80597
published_at	2026-04-09T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80614
published_at	2026-04-11T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80601
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-38178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128602
reference_id	2128602
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128602

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-38178

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_id

msg00007.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_url

https://security.netapp.com/advisory/ntap-20221228-0009/

reference_id

ntap-20221228-0009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://security.netapp.com/advisory/ntap-20221228-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:6763
reference_id	RHSA-2022:6763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6763

reference_url	https://access.redhat.com/errata/RHSA-2022:6764
reference_id	RHSA-2022:6764
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6764

reference_url	https://access.redhat.com/errata/RHSA-2022:6765
reference_id	RHSA-2022:6765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6765

reference_url	https://access.redhat.com/errata/RHSA-2022:6778
reference_id	RHSA-2022:6778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6778

reference_url	https://access.redhat.com/errata/RHSA-2022:6779
reference_id	RHSA-2022:6779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6779

reference_url	https://access.redhat.com/errata/RHSA-2022:6780
reference_id	RHSA-2022:6780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6780

reference_url	https://access.redhat.com/errata/RHSA-2022:6781
reference_id	RHSA-2022:6781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6781

reference_url	https://access.redhat.com/errata/RHSA-2022:8598
reference_id	RHSA-2022:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8598

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-38178

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb26-udtw-6uhy

url VCID-kpsw-dq9w-pkdr

vulnerability_id VCID-kpsw-dq9w-pkdr

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2795

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.65706
published_at	2026-04-13T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65669
published_at	2026-04-02T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65699
published_at	2026-04-04T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65665
published_at	2026-04-07T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65716
published_at	2026-04-08T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65728
published_at	2026-04-09T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.6575
published_at	2026-04-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65735
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128584
reference_id	2128584
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128584

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-2795

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_id

msg00007.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_url	https://access.redhat.com/errata/RHSA-2023:0402
reference_id	RHSA-2023:0402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0402

reference_url	https://access.redhat.com/errata/RHSA-2023:2261
reference_id	RHSA-2023:2261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2261

reference_url	https://access.redhat.com/errata/RHSA-2023:2792
reference_id	RHSA-2023:2792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2792

reference_url	https://access.redhat.com/errata/RHSA-2023:3002
reference_id	RHSA-2023:3002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3002

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url	https://usn.ubuntu.com/5626-2/
reference_id	USN-5626-2
reference_type
scores
url	https://usn.ubuntu.com/5626-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-2795

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpsw-dq9w-pkdr

url VCID-rgz6-urkq-ybch

vulnerability_id VCID-rgz6-urkq-ybch

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3080

reference_id

reference_type

scores

value	0.00109
scoring_system	epss
scoring_elements	0.292
published_at	2026-04-13T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29328
published_at	2026-04-02T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29378
published_at	2026-04-04T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.2919
published_at	2026-04-07T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29254
published_at	2026-04-08T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29295
published_at	2026-04-09T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29298
published_at	2026-04-11T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29252
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128600
reference_id	2128600
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128600

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-3080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0002/

reference_id

ntap-20240621-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://security.netapp.com/advisory/ntap-20240621-0002/

reference_url	https://access.redhat.com/errata/RHSA-2022:6763
reference_id	RHSA-2022:6763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6763

reference_url	https://access.redhat.com/errata/RHSA-2022:6781
reference_id	RHSA-2022:6781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6781

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-3080

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgz6-urkq-ybch

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.6-1

pkg:alpm/archlinux/bind@9.18.7-1

alpm

archlinux

bind

9.18.7-1

false

9.20.9-1

url VCID-hb26-udtw-6uhy

vulnerability_id VCID-hb26-udtw-6uhy

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-38178

reference_id

reference_type

scores

value	0.01421
scoring_system	epss
scoring_elements	0.80593
published_at	2026-04-13T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80545
published_at	2026-04-02T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80567
published_at	2026-04-04T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80559
published_at	2026-04-07T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80588
published_at	2026-04-08T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80597
published_at	2026-04-09T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80614
published_at	2026-04-11T12:55:00Z

value	0.01421
scoring_system	epss
scoring_elements	0.80601
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-38178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128602
reference_id	2128602
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128602

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-38178

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_id

msg00007.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_url

https://security.netapp.com/advisory/ntap-20221228-0009/

reference_id

ntap-20221228-0009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://security.netapp.com/advisory/ntap-20221228-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:6763
reference_id	RHSA-2022:6763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6763

reference_url	https://access.redhat.com/errata/RHSA-2022:6764
reference_id	RHSA-2022:6764
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6764

reference_url	https://access.redhat.com/errata/RHSA-2022:6765
reference_id	RHSA-2022:6765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6765

reference_url	https://access.redhat.com/errata/RHSA-2022:6778
reference_id	RHSA-2022:6778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6778

reference_url	https://access.redhat.com/errata/RHSA-2022:6779
reference_id	RHSA-2022:6779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6779

reference_url	https://access.redhat.com/errata/RHSA-2022:6780
reference_id	RHSA-2022:6780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6780

reference_url	https://access.redhat.com/errata/RHSA-2022:6781
reference_id	RHSA-2022:6781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6781

reference_url	https://access.redhat.com/errata/RHSA-2022:8598
reference_id	RHSA-2022:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8598

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-38178

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb26-udtw-6uhy

url VCID-kpsw-dq9w-pkdr

vulnerability_id VCID-kpsw-dq9w-pkdr

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2795

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.65706
published_at	2026-04-13T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65669
published_at	2026-04-02T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65699
published_at	2026-04-04T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65665
published_at	2026-04-07T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65716
published_at	2026-04-08T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65728
published_at	2026-04-09T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.6575
published_at	2026-04-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65735
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128584
reference_id	2128584
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128584

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-2795

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_id

msg00007.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html

reference_url	https://access.redhat.com/errata/RHSA-2023:0402
reference_id	RHSA-2023:0402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0402

reference_url	https://access.redhat.com/errata/RHSA-2023:2261
reference_id	RHSA-2023:2261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2261

reference_url	https://access.redhat.com/errata/RHSA-2023:2792
reference_id	RHSA-2023:2792
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2792

reference_url	https://access.redhat.com/errata/RHSA-2023:3002
reference_id	RHSA-2023:3002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3002

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url	https://usn.ubuntu.com/5626-2/
reference_id	USN-5626-2
reference_type
scores
url	https://usn.ubuntu.com/5626-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-2795

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpsw-dq9w-pkdr

url VCID-rgz6-urkq-ybch

vulnerability_id VCID-rgz6-urkq-ybch

summary Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3080

reference_id

reference_type

scores

value	0.00109
scoring_system	epss
scoring_elements	0.292
published_at	2026-04-13T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29328
published_at	2026-04-02T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29378
published_at	2026-04-04T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.2919
published_at	2026-04-07T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29254
published_at	2026-04-08T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29295
published_at	2026-04-09T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29298
published_at	2026-04-11T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29252
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2128600
reference_id	2128600
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2128600

reference_url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

http://www.openwall.com/lists/oss-security/2022/09/21/3

reference_url

reference_id

AVG-2811

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/

reference_url

reference_id

cve-2022-3080

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

reference_url

reference_id

dsa-5235

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

reference_url

reference_id

GLSA-202210-25

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

reference_id

MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0002/

reference_id

ntap-20240621-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://security.netapp.com/advisory/ntap-20240621-0002/

reference_url	https://access.redhat.com/errata/RHSA-2022:6763
reference_id	RHSA-2022:6763
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6763

reference_url	https://access.redhat.com/errata/RHSA-2022:6781
reference_id	RHSA-2022:6781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6781

reference_url	https://usn.ubuntu.com/5626-1/
reference_id	USN-5626-1
reference_type
scores
url	https://usn.ubuntu.com/5626-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

reference_id

YZJQNUASODNVAWZV6STKG5SD6XIJ446S

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

fixed_packages

url	pkg:alpm/archlinux/bind@9.18.7-1
purl	pkg:alpm/archlinux/bind@9.18.7-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

aliases CVE-2022-3080

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgz6-urkq-ybch

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.18.7-1

pkg:alpm/archlinux/bind@9.20.8-2

alpm

archlinux

bind

9.20.8-2

true

9.20.9-1

url VCID-nw9j-ggq9-uqaq

vulnerability_id VCID-nw9j-ggq9-uqaq

summary bind: DNS message with invalid TSIG causes an assertion failure

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-40775

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33915
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33884
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33769
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39862
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39845
published_at	2026-04-13T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39873
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39887
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39896
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-40775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2367442
reference_id	2367442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2367442

reference_url	https://security.archlinux.org/ASA-202505-14
reference_id	ASA-202505-14
reference_type
scores
url	https://security.archlinux.org/ASA-202505-14

reference_url

reference_id

AVG-2881

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

cve-2025-40775

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T13:19:58Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json

reference_url	https://usn.ubuntu.com/7526-1/
reference_id	USN-7526-1
reference_type
scores
url	https://usn.ubuntu.com/7526-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.20.9-1
purl	pkg:alpm/archlinux/bind@9.20.9-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.20.9-1

aliases CVE-2025-40775

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw9j-ggq9-uqaq

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.20.8-2

pkg:alpm/archlinux/bind@9.20.9-1

alpm

archlinux

bind

9.20.9-1

false

null

url VCID-nw9j-ggq9-uqaq

vulnerability_id VCID-nw9j-ggq9-uqaq

summary bind: DNS message with invalid TSIG causes an assertion failure

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-40775

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33915
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33884
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33769
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39862
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39845
published_at	2026-04-13T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39873
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39887
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39896
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-40775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2367442
reference_id	2367442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2367442

reference_url	https://security.archlinux.org/ASA-202505-14
reference_id	ASA-202505-14
reference_type
scores
url	https://security.archlinux.org/ASA-202505-14

reference_url

reference_id

AVG-2881

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

cve-2025-40775

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T13:19:58Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7224.json

reference_url	https://usn.ubuntu.com/7526-1/
reference_id	USN-7526-1
reference_type
scores
url	https://usn.ubuntu.com/7526-1/

fixed_packages

url	pkg:alpm/archlinux/bind@9.20.9-1
purl	pkg:alpm/archlinux/bind@9.20.9-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.20.9-1

aliases CVE-2025-40775

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw9j-ggq9-uqaq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bind@9.20.9-1

pkg:alpm/archlinux/binutils@2.26.0-1

alpm

archlinux

binutils

2.26.0-1

true

2.28.0-1

2.38-1

url VCID-2p9v-kf9t-b7fs

vulnerability_id VCID-2p9v-kf9t-b7fs

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7224.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7224

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.52812
published_at	2026-04-01T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52896
published_at	2026-04-13T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52878
published_at	2026-04-09T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52928
published_at	2026-04-11T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52912
published_at	2026-04-12T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52839
published_at	2026-04-02T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52865
published_at	2026-04-04T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52833
published_at	2026-04-07T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52884
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7224

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7224
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7224

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20892
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20892

reference_url	http://www.securityfocus.com/bid/97277
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97277

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435247
reference_id	1435247
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435247

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7224

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7225.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7224

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2p9v-kf9t-b7fs

url VCID-cttr-nc15-jbb9

vulnerability_id VCID-cttr-nc15-jbb9

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7225.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7225

reference_id

reference_type

scores

value	0.00391
scoring_system	epss
scoring_elements	0.60116
published_at	2026-04-13T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.6254
published_at	2026-04-01T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62662
published_at	2026-04-09T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.6268
published_at	2026-04-11T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62669
published_at	2026-04-12T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62598
published_at	2026-04-02T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62631
published_at	2026-04-04T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62596
published_at	2026-04-07T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62646
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7225

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20891
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20891

reference_url	http://www.securityfocus.com/bid/97275
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97275

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435287
reference_id	1435287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435287

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7225

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7226.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7225

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cttr-nc15-jbb9

url VCID-ej6t-hx56-hbfe

vulnerability_id VCID-ej6t-hx56-hbfe

summary binutils: Heap-based buffer over-read in pe_ILF_object_p function in libbfd

references

reference_url

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7226.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7226

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59321
published_at	2026-04-01T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59434
published_at	2026-04-13T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5945
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59468
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59452
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59395
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5942
published_at	2026-04-04T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59385
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59436
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7226

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20905
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20905

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435300
reference_id	1435300
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435300

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7226

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7223.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7226

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ej6t-hx56-hbfe

url VCID-qkjb-wje6-gkgr

vulnerability_id VCID-qkjb-wje6-gkgr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7223.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7223

reference_id

reference_type

scores

value	0.0039
scoring_system	epss
scoring_elements	0.59919
published_at	2026-04-01T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60043
published_at	2026-04-13T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60055
published_at	2026-04-09T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60076
published_at	2026-04-11T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.6006
published_at	2026-04-12T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.59996
published_at	2026-04-02T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60021
published_at	2026-04-04T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.59991
published_at	2026-04-07T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60041
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7223

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20898
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435244
reference_id	1435244
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435244

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7223

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7227.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7223

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkjb-wje6-gkgr

4.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.26.0-1

pkg:alpm/archlinux/binutils@2.27.0-1

alpm

archlinux

binutils

2.27.0-1

true

2.28.0-1

2.38-1

url VCID-325s-kx5s-97dj

vulnerability_id VCID-325s-kx5s-97dj

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7227.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7227

reference_id

reference_type

scores

value	0.0044
scoring_system	epss
scoring_elements	0.63094
published_at	2026-04-01T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63182
published_at	2026-04-13T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.632
published_at	2026-04-08T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63218
published_at	2026-04-09T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63235
published_at	2026-04-11T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63219
published_at	2026-04-12T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63153
published_at	2026-04-02T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63183
published_at	2026-04-04T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63148
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7227

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7227
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7227

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20906
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20906

reference_url	http://www.securityfocus.com/bid/97209
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97209

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435303
reference_id	1435303
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435303

reference_url

reference_id

AVG-937

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7227

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7224.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.28.0-1
purl	pkg:alpm/archlinux/binutils@2.28.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.28.0-1

aliases CVE-2017-7227

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-325s-kx5s-97dj

url VCID-2p9v-kf9t-b7fs

vulnerability_id VCID-2p9v-kf9t-b7fs

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7224.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7224

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.52812
published_at	2026-04-01T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52896
published_at	2026-04-13T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52878
published_at	2026-04-09T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52928
published_at	2026-04-11T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52912
published_at	2026-04-12T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52839
published_at	2026-04-02T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52865
published_at	2026-04-04T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52833
published_at	2026-04-07T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52884
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7224

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7224
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7224

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20892
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20892

reference_url	http://www.securityfocus.com/bid/97277
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97277

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435247
reference_id	1435247
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435247

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7224

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7225.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7224

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2p9v-kf9t-b7fs

url VCID-cttr-nc15-jbb9

vulnerability_id VCID-cttr-nc15-jbb9

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7225.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7225

reference_id

reference_type

scores

value	0.00391
scoring_system	epss
scoring_elements	0.60116
published_at	2026-04-13T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.6254
published_at	2026-04-01T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62662
published_at	2026-04-09T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.6268
published_at	2026-04-11T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62669
published_at	2026-04-12T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62598
published_at	2026-04-02T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62631
published_at	2026-04-04T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62596
published_at	2026-04-07T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62646
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7225

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20891
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20891

reference_url	http://www.securityfocus.com/bid/97275
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97275

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435287
reference_id	1435287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435287

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7225

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7226.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7225

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cttr-nc15-jbb9

url VCID-ej6t-hx56-hbfe

vulnerability_id VCID-ej6t-hx56-hbfe

summary binutils: Heap-based buffer over-read in pe_ILF_object_p function in libbfd

references

reference_url

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7226.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7226

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59321
published_at	2026-04-01T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59434
published_at	2026-04-13T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5945
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59468
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59452
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59395
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5942
published_at	2026-04-04T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59385
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59436
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7226

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20905
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20905

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435300
reference_id	1435300
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435300

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7226

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7223.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7226

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ej6t-hx56-hbfe

url VCID-qkjb-wje6-gkgr

vulnerability_id VCID-qkjb-wje6-gkgr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7223.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7223

reference_id

reference_type

scores

value	0.0039
scoring_system	epss
scoring_elements	0.59919
published_at	2026-04-01T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60043
published_at	2026-04-13T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60055
published_at	2026-04-09T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60076
published_at	2026-04-11T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.6006
published_at	2026-04-12T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.59996
published_at	2026-04-02T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60021
published_at	2026-04-04T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.59991
published_at	2026-04-07T12:55:00Z

value	0.0039
scoring_system	epss
scoring_elements	0.60041
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7223

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20898
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435244
reference_id	1435244
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435244

reference_url

reference_id

AVG-936

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7223

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7227.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url pkg:alpm/archlinux/binutils@2.27.0-1

purl pkg:alpm/archlinux/binutils@2.27.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-325s-kx5s-97dj

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

aliases CVE-2017-7223

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkjb-wje6-gkgr

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.27.0-1

pkg:alpm/archlinux/binutils@2.28.0-1

alpm

archlinux

binutils

2.28.0-1

false

2.29.0-1

2.38-1

url VCID-325s-kx5s-97dj

vulnerability_id VCID-325s-kx5s-97dj

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7227.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7227

reference_id

reference_type

scores

value	0.0044
scoring_system	epss
scoring_elements	0.63094
published_at	2026-04-01T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63182
published_at	2026-04-13T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.632
published_at	2026-04-08T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63218
published_at	2026-04-09T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63235
published_at	2026-04-11T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63219
published_at	2026-04-12T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63153
published_at	2026-04-02T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63183
published_at	2026-04-04T12:55:00Z

value	0.0044
scoring_system	epss
scoring_elements	0.63148
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7227

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7227
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7227

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=20906
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=20906

reference_url	http://www.securityfocus.com/bid/97209
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97209

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435303
reference_id	1435303
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435303

reference_url

reference_id

AVG-937

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7227

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.28.0-1
purl	pkg:alpm/archlinux/binutils@2.28.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.28.0-1

aliases CVE-2017-7227

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-325s-kx5s-97dj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.28.0-1

pkg:alpm/archlinux/binutils@2.28.0-4

alpm

archlinux

binutils

2.28.0-4

true

2.29.0-1

2.38-1

url VCID-1rp7-5hxs-tqbx

vulnerability_id VCID-1rp7-5hxs-tqbx

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6965

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48609
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48672
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48624
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48678
published_at	2026-04-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48674
published_at	2026-04-09T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48692
published_at	2026-04-11T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48666
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.4865
published_at	2026-04-02T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52557
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21137
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21137

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435640
reference_id	1435640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435640

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264
reference_id	858264
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6965

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6965

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rp7-5hxs-tqbx

url VCID-4ty8-8ecg-mqdy

vulnerability_id VCID-4ty8-8ecg-mqdy

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7209

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.5447
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54556
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54595
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54577
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54545
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54569
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-07T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21135
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21135

reference_url	http://www.securityfocus.com/bid/96994
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96994

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435632
reference_id	1435632
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435632

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323
reference_id	858323
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7209

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-7209

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty8-8ecg-mqdy

url VCID-5cxe-ara7-jfcr

vulnerability_id VCID-5cxe-ara7-jfcr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9041

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.6513
published_at	2026-04-01T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65211
published_at	2026-04-13T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65233
published_at	2026-04-09T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65251
published_at	2026-04-11T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65239
published_at	2026-04-12T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.6518
published_at	2026-04-02T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65205
published_at	2026-04-04T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65171
published_at	2026-04-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65221
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452171
reference_id	1452171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452171

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9041

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cxe-ara7-jfcr

url VCID-b5je-gm19-yba5

vulnerability_id VCID-b5je-gm19-yba5

summary binutils: Out-of-bounds read in the print_symbol_for_build_attribute function

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9044

reference_id

reference_type

scores

value	0.00317
scoring_system	epss
scoring_elements	0.54763
published_at	2026-04-13T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61848
published_at	2026-04-01T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6201
published_at	2026-04-11T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61999
published_at	2026-04-12T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61921
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61951
published_at	2026-04-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61971
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61988
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9044

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452176
reference_id	1452176
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452176

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9044

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5je-gm19-yba5

url VCID-dyx7-6xgz-mqa7

vulnerability_id VCID-dyx7-6xgz-mqa7

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9038

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57909
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58063
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58042
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58013
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57988
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58043
published_at	2026-04-08T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58046
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9038

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452167
reference_id	1452167
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452167

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9038

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dyx7-6xgz-mqa7

url VCID-j2wc-yxrx-4kh6

vulnerability_id VCID-j2wc-yxrx-4kh6

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9040

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64702
published_at	2026-04-01T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64809
published_at	2026-04-09T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64826
published_at	2026-04-11T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64816
published_at	2026-04-12T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64754
published_at	2026-04-02T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64782
published_at	2026-04-04T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64745
published_at	2026-04-07T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64795
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9040

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452169
reference_id	1452169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452169

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9040

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2wc-yxrx-4kh6

url VCID-kzqn-frns-jyab

vulnerability_id VCID-kzqn-frns-jyab

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6966

reference_id

reference_type

scores

value	0.00278
scoring_system	epss
scoring_elements	0.51154
published_at	2026-04-01T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51251
published_at	2026-04-13T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51243
published_at	2026-04-09T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51287
published_at	2026-04-11T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51265
published_at	2026-04-12T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51207
published_at	2026-04-02T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51232
published_at	2026-04-04T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51191
published_at	2026-04-07T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51246
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21139
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435646
reference_id	1435646
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435646

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263
reference_id	858263
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6966

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6966

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzqn-frns-jyab

url VCID-mgmr-bkuv-sbba

vulnerability_id VCID-mgmr-bkuv-sbba

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7210

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.5447
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54556
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54595
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54577
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54545
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54569
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-07T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7210

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21157
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21157

reference_url	http://www.securityfocus.com/bid/96992
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96992

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435634
reference_id	1435634
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435634

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324
reference_id	858324
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7210

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-7210

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgmr-bkuv-sbba

url VCID-n93p-dptt-r3hg

vulnerability_id VCID-n93p-dptt-r3hg

summary binutils: Shift exponent too large for type unsigned long in readelf.c

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9043

reference_id

reference_type

scores

value	0.00395
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-01T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60295
published_at	2026-04-02T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.6032
published_at	2026-04-04T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60288
published_at	2026-04-07T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60375
published_at	2026-04-11T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60361
published_at	2026-04-12T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60338
published_at	2026-04-08T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60354
published_at	2026-04-09T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64622
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9043

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452175
reference_id	1452175
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452175

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9043

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n93p-dptt-r3hg

url VCID-qnnr-5t4r-xfdc

vulnerability_id VCID-qnnr-5t4r-xfdc

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6969

reference_id

reference_type

scores

value	0.00455
scoring_system	epss
scoring_elements	0.63754
published_at	2026-04-01T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63834
published_at	2026-04-13T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63868
published_at	2026-04-09T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63881
published_at	2026-04-11T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63867
published_at	2026-04-12T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63816
published_at	2026-04-02T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63842
published_at	2026-04-04T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63799
published_at	2026-04-07T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.6385
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21156
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21156

reference_url	http://www.securityfocus.com/bid/97065
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97065

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435648
reference_id	1435648
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435648

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256
reference_id	858256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6969

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6969

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnnr-5t4r-xfdc

url VCID-qv6w-s2tv-eyfs

vulnerability_id VCID-qv6w-s2tv-eyfs

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9039

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57909
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58046
published_at	2026-04-09T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58063
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58042
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58013
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57988
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58043
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9039

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452168
reference_id	1452168
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452168

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9039

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qv6w-s2tv-eyfs

url VCID-z7m5-hqbr-abc2

vulnerability_id VCID-z7m5-hqbr-abc2

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9042

reference_id

reference_type

scores

value	0.00395
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-01T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60342
published_at	2026-04-13T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60354
published_at	2026-04-09T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60375
published_at	2026-04-11T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60361
published_at	2026-04-12T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60295
published_at	2026-04-02T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.6032
published_at	2026-04-04T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60288
published_at	2026-04-07T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60338
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9042

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452173
reference_id	1452173
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452173

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9042

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7m5-hqbr-abc2

4.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.28.0-4

pkg:alpm/archlinux/binutils@2.29.0-1

alpm

archlinux

binutils

2.29.0-1

false

2.30-1

2.38-1

url VCID-1rp7-5hxs-tqbx

vulnerability_id VCID-1rp7-5hxs-tqbx

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6965

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48609
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48672
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48624
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48678
published_at	2026-04-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48674
published_at	2026-04-09T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48692
published_at	2026-04-11T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48666
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.4865
published_at	2026-04-02T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52557
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21137
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21137

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435640
reference_id	1435640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435640

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264
reference_id	858264
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6965

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6965

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rp7-5hxs-tqbx

url VCID-4ty8-8ecg-mqdy

vulnerability_id VCID-4ty8-8ecg-mqdy

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7209

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.5447
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54556
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54595
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54577
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54545
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54569
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-07T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21135
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21135

reference_url	http://www.securityfocus.com/bid/96994
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96994

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435632
reference_id	1435632
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435632

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323
reference_id	858323
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7209

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-7209

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty8-8ecg-mqdy

url VCID-5cxe-ara7-jfcr

vulnerability_id VCID-5cxe-ara7-jfcr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9041

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.6513
published_at	2026-04-01T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65211
published_at	2026-04-13T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65233
published_at	2026-04-09T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65251
published_at	2026-04-11T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65239
published_at	2026-04-12T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.6518
published_at	2026-04-02T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65205
published_at	2026-04-04T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65171
published_at	2026-04-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65221
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452171
reference_id	1452171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452171

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9041

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cxe-ara7-jfcr

url VCID-b5je-gm19-yba5

vulnerability_id VCID-b5je-gm19-yba5

summary binutils: Out-of-bounds read in the print_symbol_for_build_attribute function

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9044

reference_id

reference_type

scores

value	0.00317
scoring_system	epss
scoring_elements	0.54763
published_at	2026-04-13T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61848
published_at	2026-04-01T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6201
published_at	2026-04-11T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61999
published_at	2026-04-12T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61921
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61951
published_at	2026-04-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61971
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61988
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9044

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452176
reference_id	1452176
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452176

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9044

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5je-gm19-yba5

url VCID-dyx7-6xgz-mqa7

vulnerability_id VCID-dyx7-6xgz-mqa7

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9038

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57909
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58063
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58042
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58013
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57988
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58043
published_at	2026-04-08T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58046
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9038

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452167
reference_id	1452167
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452167

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9038

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dyx7-6xgz-mqa7

url VCID-j2wc-yxrx-4kh6

vulnerability_id VCID-j2wc-yxrx-4kh6

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9040

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64702
published_at	2026-04-01T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64809
published_at	2026-04-09T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64826
published_at	2026-04-11T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64816
published_at	2026-04-12T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64754
published_at	2026-04-02T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64782
published_at	2026-04-04T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64745
published_at	2026-04-07T12:55:00Z

value	0.00475
scoring_system	epss
scoring_elements	0.64795
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9040

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452169
reference_id	1452169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452169

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9040

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2wc-yxrx-4kh6

url VCID-kzqn-frns-jyab

vulnerability_id VCID-kzqn-frns-jyab

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6966

reference_id

reference_type

scores

value	0.00278
scoring_system	epss
scoring_elements	0.51154
published_at	2026-04-01T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51251
published_at	2026-04-13T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51243
published_at	2026-04-09T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51287
published_at	2026-04-11T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51265
published_at	2026-04-12T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51207
published_at	2026-04-02T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51232
published_at	2026-04-04T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51191
published_at	2026-04-07T12:55:00Z

value	0.00278
scoring_system	epss
scoring_elements	0.51246
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21139
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21139

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435646
reference_id	1435646
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435646

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263
reference_id	858263
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6966

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6966

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzqn-frns-jyab

url VCID-mgmr-bkuv-sbba

vulnerability_id VCID-mgmr-bkuv-sbba

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7210

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.5447
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54556
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54595
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54577
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54545
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54569
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-07T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7210

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21157
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21157

reference_url	http://www.securityfocus.com/bid/96992
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96992

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435634
reference_id	1435634
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435634

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324
reference_id	858324
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-7210

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-7210

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgmr-bkuv-sbba

url VCID-n93p-dptt-r3hg

vulnerability_id VCID-n93p-dptt-r3hg

summary binutils: Shift exponent too large for type unsigned long in readelf.c

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9043

reference_id

reference_type

scores

value	0.00395
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-01T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60295
published_at	2026-04-02T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.6032
published_at	2026-04-04T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60288
published_at	2026-04-07T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60375
published_at	2026-04-11T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60361
published_at	2026-04-12T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60338
published_at	2026-04-08T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60354
published_at	2026-04-09T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64622
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9043

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452175
reference_id	1452175
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452175

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9043

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n93p-dptt-r3hg

url VCID-qnnr-5t4r-xfdc

vulnerability_id VCID-qnnr-5t4r-xfdc

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-6969

reference_id

reference_type

scores

value	0.00455
scoring_system	epss
scoring_elements	0.63754
published_at	2026-04-01T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63834
published_at	2026-04-13T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63868
published_at	2026-04-09T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63881
published_at	2026-04-11T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63867
published_at	2026-04-12T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63816
published_at	2026-04-02T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63842
published_at	2026-04-04T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63799
published_at	2026-04-07T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.6385
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-6969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=21156
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=21156

reference_url	http://www.securityfocus.com/bid/97065
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/97065

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1435648
reference_id	1435648
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1435648

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256
reference_id	858256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:::::::*

reference_url

reference_id

CVE-2017-6969

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-6969

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnnr-5t4r-xfdc

url VCID-qv6w-s2tv-eyfs

vulnerability_id VCID-qv6w-s2tv-eyfs

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9039

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57909
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58021
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58046
published_at	2026-04-09T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58063
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58042
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58013
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57988
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58043
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9039

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452168
reference_id	1452168
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452168

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9039

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qv6w-s2tv-eyfs

url VCID-z7m5-hqbr-abc2

vulnerability_id VCID-z7m5-hqbr-abc2

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9042

reference_id

reference_type

scores

value	0.00395
scoring_system	epss
scoring_elements	0.60219
published_at	2026-04-01T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60342
published_at	2026-04-13T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60354
published_at	2026-04-09T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60375
published_at	2026-04-11T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60361
published_at	2026-04-12T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60295
published_at	2026-04-02T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.6032
published_at	2026-04-04T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60288
published_at	2026-04-07T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60338
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9042

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1452173
reference_id	1452173
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1452173

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674
reference_id	863674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674

reference_url

reference_id

AVG-276

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15022.json

reference_url	https://security.gentoo.org/glsa/201709-02
reference_id	GLSA-201709-02
reference_type
scores
url	https://security.gentoo.org/glsa/201709-02

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.29.0-1
purl	pkg:alpm/archlinux/binutils@2.29.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

aliases CVE-2017-9042

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7m5-hqbr-abc2

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1

pkg:alpm/archlinux/binutils@2.29.1-3

alpm

archlinux

binutils

2.29.1-3

true

2.30-1

2.38-1

url VCID-3aht-pk4j-b3h5

vulnerability_id VCID-3aht-pk4j-b3h5

summary binutils: NULL pointer dereference in dwarf2.c

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15022.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15022

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15022

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15022

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22201
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22201

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=11855d8a1f11b102a702ab76e95b22082cccf2f8
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=11855d8a1f11b102a702ab76e95b22082cccf2f8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500376
reference_id	1500376
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500376

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15022

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15024.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15022

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3aht-pk4j-b3h5

url VCID-3az2-jj9s-7ffj

vulnerability_id VCID-3az2-jj9s-7ffj

summary binutils: Infinite recursion in find_abstract_instance_name

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15024.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15024

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62103
published_at	2026-04-01T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62216
published_at	2026-04-13T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62162
published_at	2026-04-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62212
published_at	2026-04-08T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62229
published_at	2026-04-09T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62247
published_at	2026-04-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62237
published_at	2026-04-12T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62163
published_at	2026-04-02T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62194
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15024

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15024

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22187
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22187

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52a93b95ec0771c97e26f0bb28630a271a667bd2
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52a93b95ec0771c97e26f0bb28630a271a667bd2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500378
reference_id	1500378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500378

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15024

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17123.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15024

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3az2-jj9s-7ffj

url VCID-6atd-3q2h-vfd5

vulnerability_id VCID-6atd-3q2h-vfd5

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17123.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17123

reference_id

reference_type

scores

value	0.00442
scoring_system	epss
scoring_elements	0.63166
published_at	2026-04-01T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63254
published_at	2026-04-13T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.6322
published_at	2026-04-07T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63272
published_at	2026-04-08T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63289
published_at	2026-04-09T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63306
published_at	2026-04-11T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.6329
published_at	2026-04-12T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63225
published_at	2026-04-02T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63255
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17123

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17123
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17123

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22509
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22509

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=4581a1c7d304ce14e714b27522ebf3d0188d6543
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=4581a1c7d304ce14e714b27522ebf3d0188d6543

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524509
reference_id	1524509
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524509

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17123

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15025.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17123

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6atd-3q2h-vfd5

url VCID-92ag-7zjf-qfhj

vulnerability_id VCID-92ag-7zjf-qfhj

summary binutils: Divide-by-zero in decode_line_info

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15025.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15025

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15025

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22186
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22186

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d8010d3e75ec7194a4703774090b27486b742d48
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d8010d3e75ec7194a4703774090b27486b742d48

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500375
reference_id	1500375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500375

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15025

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17124.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15025

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92ag-7zjf-qfhj

url VCID-b7ed-5vy7-8yb8

vulnerability_id VCID-b7ed-5vy7-8yb8

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17124.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17124

reference_id

reference_type

scores

value	0.00387
scoring_system	epss
scoring_elements	0.5971
published_at	2026-04-01T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59846
published_at	2026-04-12T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59807
published_at	2026-04-04T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59777
published_at	2026-04-07T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59828
published_at	2026-04-13T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59842
published_at	2026-04-09T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59862
published_at	2026-04-11T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59783
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17124

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22507
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22507

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524510
reference_id	1524510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524510

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17124

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15021.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17124

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7ed-5vy7-8yb8

url VCID-bah7-vbh3-7ueg

vulnerability_id VCID-bah7-vbh3-7ueg

summary binutils: Heap-based buffer over-read in bfd_get_debug_link_info_1

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15021.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15021

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15021

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15021

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22197
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22197

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500377
reference_id	1500377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500377

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15021

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17126.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15021

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bah7-vbh3-7ueg

url VCID-csfh-sngk-qfga

vulnerability_id VCID-csfh-sngk-qfga

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17126.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17126

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59129
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59241
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59192
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59244
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59257
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59277
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5926
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59203
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59227
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17126

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22510
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22510

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=f425ec6600b69e39eb605f3128806ff688137ea8
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=f425ec6600b69e39eb605f3128806ff688137ea8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524498
reference_id	1524498
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524498

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17126

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15020.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17126

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-csfh-sngk-qfga

url VCID-e2yq-7v8c-z7hk

vulnerability_id VCID-e2yq-7v8c-z7hk

summary binutils: Heap-based buffer overflow in parse_die

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15020

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.34608
published_at	2026-04-01T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34737
published_at	2026-04-13T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34726
published_at	2026-04-07T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34769
published_at	2026-04-08T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34797
published_at	2026-04-09T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34801
published_at	2026-04-11T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34762
published_at	2026-04-12T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34823
published_at	2026-04-02T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.3485
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15020

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15020

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22202
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22202

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500372
reference_id	1500372
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500372

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15020

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17122.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15020

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2yq-7v8c-z7hk

url VCID-ftnk-2drc-jkdw

vulnerability_id VCID-ftnk-2drc-jkdw

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17122.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17122

reference_id

reference_type

scores

value	0.00426
scoring_system	epss
scoring_elements	0.62141
published_at	2026-04-01T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62251
published_at	2026-04-13T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62198
published_at	2026-04-07T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62247
published_at	2026-04-08T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62265
published_at	2026-04-09T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62283
published_at	2026-04-11T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62273
published_at	2026-04-12T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62201
published_at	2026-04-02T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62231
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22508
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22508

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d785b7d4b877ed465d04072e17ca19d0f47d840f
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d785b7d4b877ed465d04072e17ca19d0f47d840f

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524505
reference_id	1524505
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524505

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17122

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15023.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/5341-1/
reference_id	USN-5341-1
reference_type
scores
url	https://usn.ubuntu.com/5341-1/

reference_url	https://usn.ubuntu.com/6413-1/
reference_id	USN-6413-1
reference_type
scores
url	https://usn.ubuntu.com/6413-1/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17122

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftnk-2drc-jkdw

url VCID-mann-686a-8bec

vulnerability_id VCID-mann-686a-8bec

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15023

reference_id

reference_type

scores

value	0.00489
scoring_system	epss
scoring_elements	0.65455
published_at	2026-04-01T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65538
published_at	2026-04-13T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65496
published_at	2026-04-07T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65549
published_at	2026-04-08T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.6556
published_at	2026-04-09T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65579
published_at	2026-04-11T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65566
published_at	2026-04-12T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65504
published_at	2026-04-02T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65532
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15023

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15023

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22200
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22200

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c361faae8d964db951b7100cada4dcdc983df1bf
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c361faae8d964db951b7100cada4dcdc983df1bf

reference_url	http://www.securityfocus.com/bid/101611
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101611

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500374
reference_id	1500374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500374

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15023

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17125.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15023

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mann-686a-8bec

url VCID-stn9-gqqb-7kae

vulnerability_id VCID-stn9-gqqb-7kae

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17125.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17125

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59129
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59241
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59192
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59244
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59257
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59277
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5926
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59203
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59227
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17125

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17125
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17125

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22443
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22443

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524511
reference_id	1524511
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524511

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17125

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15996.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17125

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stn9-gqqb-7kae

url VCID-yqbv-z58c-dycr

vulnerability_id VCID-yqbv-z58c-dycr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15996.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15996

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.54475
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54561
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54594
published_at	2026-04-08T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54601
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.5455
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54574
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54543
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15996

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15996
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15996

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22361
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22361

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d91f0b20e561e326ee91a09a76206257bde8438b
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d91f0b20e561e326ee91a09a76206257bde8438b

reference_url	http://www.securityfocus.com/bid/101608
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101608

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515742
reference_id	1515742
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515742

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15996

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15022.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15996

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqbv-z58c-dycr

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.1-3

pkg:alpm/archlinux/binutils@2.30-1

alpm

archlinux

binutils

2.30-1

false

2.32-1

2.38-1

url VCID-3aht-pk4j-b3h5

vulnerability_id VCID-3aht-pk4j-b3h5

summary binutils: NULL pointer dereference in dwarf2.c

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15022.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15022

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15022

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15022

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22201
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22201

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=11855d8a1f11b102a702ab76e95b22082cccf2f8
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=11855d8a1f11b102a702ab76e95b22082cccf2f8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500376
reference_id	1500376
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500376

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15022

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15024.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15022

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3aht-pk4j-b3h5

url VCID-3az2-jj9s-7ffj

vulnerability_id VCID-3az2-jj9s-7ffj

summary binutils: Infinite recursion in find_abstract_instance_name

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15024.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15024

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62103
published_at	2026-04-01T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62216
published_at	2026-04-13T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62162
published_at	2026-04-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62212
published_at	2026-04-08T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62229
published_at	2026-04-09T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62247
published_at	2026-04-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62237
published_at	2026-04-12T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62163
published_at	2026-04-02T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62194
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15024

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15024

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22187
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22187

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52a93b95ec0771c97e26f0bb28630a271a667bd2
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52a93b95ec0771c97e26f0bb28630a271a667bd2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500378
reference_id	1500378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500378

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15024

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17123.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15024

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3az2-jj9s-7ffj

url VCID-6atd-3q2h-vfd5

vulnerability_id VCID-6atd-3q2h-vfd5

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17123.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17123

reference_id

reference_type

scores

value	0.00442
scoring_system	epss
scoring_elements	0.63166
published_at	2026-04-01T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63254
published_at	2026-04-13T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.6322
published_at	2026-04-07T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63272
published_at	2026-04-08T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63289
published_at	2026-04-09T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63306
published_at	2026-04-11T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.6329
published_at	2026-04-12T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63225
published_at	2026-04-02T12:55:00Z

value	0.00442
scoring_system	epss
scoring_elements	0.63255
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17123

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17123
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17123

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22509
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22509

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=4581a1c7d304ce14e714b27522ebf3d0188d6543
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=4581a1c7d304ce14e714b27522ebf3d0188d6543

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524509
reference_id	1524509
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524509

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17123

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15025.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17123

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6atd-3q2h-vfd5

url VCID-92ag-7zjf-qfhj

vulnerability_id VCID-92ag-7zjf-qfhj

summary binutils: Divide-by-zero in decode_line_info

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15025.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15025

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15025

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22186
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22186

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d8010d3e75ec7194a4703774090b27486b742d48
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d8010d3e75ec7194a4703774090b27486b742d48

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500375
reference_id	1500375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500375

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15025

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17124.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15025

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92ag-7zjf-qfhj

url VCID-b7ed-5vy7-8yb8

vulnerability_id VCID-b7ed-5vy7-8yb8

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17124.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17124

reference_id

reference_type

scores

value	0.00387
scoring_system	epss
scoring_elements	0.5971
published_at	2026-04-01T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59846
published_at	2026-04-12T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59807
published_at	2026-04-04T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59777
published_at	2026-04-07T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59828
published_at	2026-04-13T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59842
published_at	2026-04-09T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59862
published_at	2026-04-11T12:55:00Z

value	0.00387
scoring_system	epss
scoring_elements	0.59783
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17124

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22507
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22507

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524510
reference_id	1524510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524510

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17124

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15021.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17124

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7ed-5vy7-8yb8

url VCID-bah7-vbh3-7ueg

vulnerability_id VCID-bah7-vbh3-7ueg

summary binutils: Heap-based buffer over-read in bfd_get_debug_link_info_1

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15021.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15021

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49383
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49433
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49392
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49447
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49442
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49459
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4943
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49412
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49439
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15021

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15021

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22197
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22197

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=52b36c51e5bf6d7600fdc6ba115b170b0e78e31d

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500377
reference_id	1500377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500377

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15021

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17126.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15021

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bah7-vbh3-7ueg

url VCID-csfh-sngk-qfga

vulnerability_id VCID-csfh-sngk-qfga

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17126.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17126

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59129
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59241
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59192
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59244
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59257
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59277
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5926
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59203
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59227
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17126

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17126
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17126

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22510
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22510

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=f425ec6600b69e39eb605f3128806ff688137ea8
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=f425ec6600b69e39eb605f3128806ff688137ea8

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524498
reference_id	1524498
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524498

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17126

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15020.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17126

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-csfh-sngk-qfga

url VCID-e2yq-7v8c-z7hk

vulnerability_id VCID-e2yq-7v8c-z7hk

summary binutils: Heap-based buffer overflow in parse_die

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15020

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.34608
published_at	2026-04-01T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34737
published_at	2026-04-13T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34726
published_at	2026-04-07T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34769
published_at	2026-04-08T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34797
published_at	2026-04-09T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34801
published_at	2026-04-11T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34762
published_at	2026-04-12T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34823
published_at	2026-04-02T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.3485
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15020

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15020

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22202
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22202

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=1da5c9a485f3dcac4c45e96ef4b7dae5948314b5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500372
reference_id	1500372
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500372

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15020

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17122.json

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15020

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2yq-7v8c-z7hk

url VCID-ftnk-2drc-jkdw

vulnerability_id VCID-ftnk-2drc-jkdw

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17122.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17122

reference_id

reference_type

scores

value	0.00426
scoring_system	epss
scoring_elements	0.62141
published_at	2026-04-01T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62251
published_at	2026-04-13T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62198
published_at	2026-04-07T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62247
published_at	2026-04-08T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62265
published_at	2026-04-09T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62283
published_at	2026-04-11T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62273
published_at	2026-04-12T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62201
published_at	2026-04-02T12:55:00Z

value	0.00426
scoring_system	epss
scoring_elements	0.62231
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22508
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22508

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d785b7d4b877ed465d04072e17ca19d0f47d840f
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d785b7d4b877ed465d04072e17ca19d0f47d840f

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524505
reference_id	1524505
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524505

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17122

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15023.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/5341-1/
reference_id	USN-5341-1
reference_type
scores
url	https://usn.ubuntu.com/5341-1/

reference_url	https://usn.ubuntu.com/6413-1/
reference_id	USN-6413-1
reference_type
scores
url	https://usn.ubuntu.com/6413-1/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17122

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftnk-2drc-jkdw

url VCID-mann-686a-8bec

vulnerability_id VCID-mann-686a-8bec

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15023

reference_id

reference_type

scores

value	0.00489
scoring_system	epss
scoring_elements	0.65455
published_at	2026-04-01T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65538
published_at	2026-04-13T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65496
published_at	2026-04-07T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65549
published_at	2026-04-08T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.6556
published_at	2026-04-09T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65579
published_at	2026-04-11T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65566
published_at	2026-04-12T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65504
published_at	2026-04-02T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65532
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15023

reference_url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/
reference_id
reference_type
scores
url	https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15023

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22200
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22200

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c361faae8d964db951b7100cada4dcdc983df1bf
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c361faae8d964db951b7100cada4dcdc983df1bf

reference_url	http://www.securityfocus.com/bid/101611
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101611

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500374
reference_id	1500374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500374

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15023

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17125.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15023

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mann-686a-8bec

url VCID-stn9-gqqb-7kae

vulnerability_id VCID-stn9-gqqb-7kae

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17125.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17125

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59129
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59241
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59192
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59244
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59257
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59277
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5926
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59203
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59227
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17125

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17125
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17125

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22443
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22443

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524511
reference_id	1524511
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524511

reference_url

reference_id

AVG-538

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29.1:::::::*

reference_url

reference_id

CVE-2017-17125

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15996.json

reference_url	https://security.gentoo.org/glsa/201811-17
reference_id	GLSA-201811-17
reference_type
scores
url	https://security.gentoo.org/glsa/201811-17

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-17125

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stn9-gqqb-7kae

url VCID-yqbv-z58c-dycr

vulnerability_id VCID-yqbv-z58c-dycr

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15996.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15996

reference_id

reference_type

scores

value	0.00314
scoring_system	epss
scoring_elements	0.54475
published_at	2026-04-01T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54561
published_at	2026-04-13T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54594
published_at	2026-04-08T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54589
published_at	2026-04-09T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54601
published_at	2026-04-11T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54583
published_at	2026-04-12T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.5455
published_at	2026-04-02T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54574
published_at	2026-04-04T12:55:00Z

value	0.00314
scoring_system	epss
scoring_elements	0.54543
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15996

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15996
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15996

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22361
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22361

reference_url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d91f0b20e561e326ee91a09a76206257bde8438b
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d91f0b20e561e326ee91a09a76206257bde8438b

reference_url	http://www.securityfocus.com/bid/101608
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101608

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515742
reference_id	1515742
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515742

reference_url

reference_id

AVG-435

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:::::::*

reference_url

reference_id

CVE-2017-15996

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19932.json

reference_url	https://security.gentoo.org/glsa/201801-01
reference_id	GLSA-201801-01
reference_type
scores
url	https://security.gentoo.org/glsa/201801-01

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.30-1
purl	pkg:alpm/archlinux/binutils@2.30-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

aliases CVE-2017-15996

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqbv-z58c-dycr

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.30-1

pkg:alpm/archlinux/binutils@2.31.1-4

alpm

archlinux

binutils

2.31.1-4

true

2.32-1

2.38-1

url VCID-24yc-9zfd-skax

vulnerability_id VCID-24yc-9zfd-skax

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19932

reference_id

reference_type

scores

value	0.0042
scoring_system	epss
scoring_elements	0.61829
published_at	2026-04-01T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61958
published_at	2026-04-13T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.6199
published_at	2026-04-11T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61979
published_at	2026-04-12T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61902
published_at	2026-04-07T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61932
published_at	2026-04-04T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61951
published_at	2026-04-08T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61969
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19932

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1658949
reference_id	1658949
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1658949

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20712.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-19932

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24yc-9zfd-skax

url VCID-98ww-99gn-xyar

vulnerability_id VCID-98ww-99gn-xyar

summary libiberty: heap-based buffer over-read in d_expression_1

references

reference_url

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20712

reference_id

reference_type

scores

value	0.00801
scoring_system	epss
scoring_elements	0.74019
published_at	2026-04-01T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74067
published_at	2026-04-13T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74056
published_at	2026-04-08T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.7407
published_at	2026-04-09T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74092
published_at	2026-04-11T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74074
published_at	2026-04-12T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74025
published_at	2026-04-02T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74051
published_at	2026-04-04T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74022
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
reference_id
reference_type
scores
url	https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=24043
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=24043

reference_url	https://support.f5.com/csp/article/K38336243
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K38336243

reference_url	http://www.securityfocus.com/bid/106563
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668269
reference_id	1668269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668269

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.31.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.31.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.31.1:::::::*

reference_url

reference_id

CVE-2018-20712

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19931.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-20712

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ww-99gn-xyar

url VCID-kuzy-t7d8-kfhd

vulnerability_id VCID-kuzy-t7d8-kfhd

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19931

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.55027
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55151
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55188
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55169
published_at	2026-04-12T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55128
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55152
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55127
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55177
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19931

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1658947
reference_id	1658947
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1658947

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20002.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-19931

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzy-t7d8-kfhd

url VCID-w17q-m7sf-23fx

vulnerability_id VCID-w17q-m7sf-23fx

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20002.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20002

reference_id

reference_type

scores

value	0.00315
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-01T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54598
published_at	2026-04-07T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54645
published_at	2026-04-09T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54658
published_at	2026-04-11T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5464
published_at	2026-04-12T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54607
published_at	2026-04-02T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5463
published_at	2026-04-04T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5465
published_at	2026-04-08T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55957
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20002

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661534
reference_id	1661534
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661534

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19932.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-20002

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w17q-m7sf-23fx

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.31.1-4

pkg:alpm/archlinux/binutils@2.32-1

alpm

archlinux

binutils

2.32-1

false

2.36-1

2.38-1

url VCID-24yc-9zfd-skax

vulnerability_id VCID-24yc-9zfd-skax

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19932

reference_id

reference_type

scores

value	0.0042
scoring_system	epss
scoring_elements	0.61829
published_at	2026-04-01T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61958
published_at	2026-04-13T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.6199
published_at	2026-04-11T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61979
published_at	2026-04-12T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61902
published_at	2026-04-07T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61932
published_at	2026-04-04T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61951
published_at	2026-04-08T12:55:00Z

value	0.0042
scoring_system	epss
scoring_elements	0.61969
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19932

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1658949
reference_id	1658949
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1658949

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20712.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-19932

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24yc-9zfd-skax

url VCID-98ww-99gn-xyar

vulnerability_id VCID-98ww-99gn-xyar

summary libiberty: heap-based buffer over-read in d_expression_1

references

reference_url

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20712

reference_id

reference_type

scores

value	0.00801
scoring_system	epss
scoring_elements	0.74019
published_at	2026-04-01T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74067
published_at	2026-04-13T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74056
published_at	2026-04-08T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.7407
published_at	2026-04-09T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74092
published_at	2026-04-11T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74074
published_at	2026-04-12T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74025
published_at	2026-04-02T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74051
published_at	2026-04-04T12:55:00Z

value	0.00801
scoring_system	epss
scoring_elements	0.74022
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
reference_id
reference_type
scores
url	https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=24043
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=24043

reference_url	https://support.f5.com/csp/article/K38336243
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K38336243

reference_url	http://www.securityfocus.com/bid/106563
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668269
reference_id	1668269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668269

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.31.1:::::::*
reference_id	cpe:2.3:a:gnu:binutils:2.31.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.31.1:::::::*

reference_url

reference_id

CVE-2018-20712

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19931.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-20712

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ww-99gn-xyar

url VCID-kuzy-t7d8-kfhd

vulnerability_id VCID-kuzy-t7d8-kfhd

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19931

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.55027
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55151
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55188
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55169
published_at	2026-04-12T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55128
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55152
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55127
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55177
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19931

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1658947
reference_id	1658947
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1658947

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20002.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-19931

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzy-t7d8-kfhd

url VCID-w17q-m7sf-23fx

vulnerability_id VCID-w17q-m7sf-23fx

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which may allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20002.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20002

reference_id

reference_type

scores

value	0.00315
scoring_system	epss
scoring_elements	0.54537
published_at	2026-04-01T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54598
published_at	2026-04-07T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54645
published_at	2026-04-09T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54658
published_at	2026-04-11T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5464
published_at	2026-04-12T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.54607
published_at	2026-04-02T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5463
published_at	2026-04-04T12:55:00Z

value	0.00315
scoring_system	epss
scoring_elements	0.5465
published_at	2026-04-08T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55957
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20002

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661534
reference_id	1661534
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661534

reference_url	https://security.archlinux.org/ASA-201906-3
reference_id	ASA-201906-3
reference_type
scores
url	https://security.archlinux.org/ASA-201906-3

reference_url

reference_id

AVG-832

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35448.json

reference_url	https://security.gentoo.org/glsa/201908-01
reference_id	GLSA-201908-01
reference_type
scores
url	https://security.gentoo.org/glsa/201908-01

reference_url	https://usn.ubuntu.com/4336-1/
reference_id	USN-4336-1
reference_type
scores
url	https://usn.ubuntu.com/4336-1/

reference_url	https://usn.ubuntu.com/4336-2/
reference_id	USN-4336-2
reference_type
scores
url	https://usn.ubuntu.com/4336-2/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.32-1
purl	pkg:alpm/archlinux/binutils@2.32-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

aliases CVE-2018-20002

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w17q-m7sf-23fx

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.32-1

pkg:alpm/archlinux/binutils@2.35.1-1

alpm

archlinux

binutils

2.35.1-1

true

2.36-1

2.38-1

url VCID-7sc8-fzw3-vfer

vulnerability_id VCID-7sc8-fzw3-vfer

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which could result in a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35448.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35448

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32892
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32762
published_at	2026-04-01T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32927
published_at	2026-04-04T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.5566
published_at	2026-04-13T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55697
published_at	2026-04-11T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55678
published_at	2026-04-12T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55634
published_at	2026-04-07T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55686
published_at	2026-04-08T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55689
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1950478
reference_id	1950478
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1950478

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20294.json

reference_url	https://security.gentoo.org/glsa/202107-24
reference_id	GLSA-202107-24
reference_type
scores
url	https://security.gentoo.org/glsa/202107-24

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2020-35448

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7sc8-fzw3-vfer

url VCID-vepg-jnnm-97d7

vulnerability_id VCID-vepg-jnnm-97d7

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20294.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20294

reference_id

reference_type

scores

value	0.1586
scoring_system	epss
scoring_elements	0.94712
published_at	2026-04-01T12:55:00Z

value	0.1586
scoring_system	epss
scoring_elements	0.94724
published_at	2026-04-04T12:55:00Z

value	0.1586
scoring_system	epss
scoring_elements	0.9472
published_at	2026-04-02T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95857
published_at	2026-04-08T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.9586
published_at	2026-04-09T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95863
published_at	2026-04-12T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95848
published_at	2026-04-07T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95864
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20294

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20294
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20294

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1943533
reference_id	1943533
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1943533

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2021-20294

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vepg-jnnm-97d7

url VCID-xrpd-jdfr-ebeq

vulnerability_id VCID-xrpd-jdfr-ebeq

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3487.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3487.json

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1947111
reference_id	1947111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1947111

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35448.json

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

reference_url	https://usn.ubuntu.com/5124-1/
reference_id	USN-5124-1
reference_type
scores
url	https://usn.ubuntu.com/5124-1/

reference_url	https://usn.ubuntu.com/5341-1/
reference_id	USN-5341-1
reference_type
scores
url	https://usn.ubuntu.com/5341-1/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2021-3487

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xrpd-jdfr-ebeq

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.35.1-1

pkg:alpm/archlinux/binutils@2.36-1

alpm

archlinux

binutils

2.36-1

false

2.37-1

2.38-1

url VCID-7sc8-fzw3-vfer

vulnerability_id VCID-7sc8-fzw3-vfer

summary

Multiple vulnerabilities have been found in Binutils, the worst of
    which could result in a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35448.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35448

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32892
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32762
published_at	2026-04-01T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32927
published_at	2026-04-04T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.5566
published_at	2026-04-13T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55697
published_at	2026-04-11T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55678
published_at	2026-04-12T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55634
published_at	2026-04-07T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55686
published_at	2026-04-08T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.55689
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1950478
reference_id	1950478
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1950478

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20294.json

reference_url	https://security.gentoo.org/glsa/202107-24
reference_id	GLSA-202107-24
reference_type
scores
url	https://security.gentoo.org/glsa/202107-24

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2020-35448

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7sc8-fzw3-vfer

url VCID-vepg-jnnm-97d7

vulnerability_id VCID-vepg-jnnm-97d7

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20294.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20294

reference_id

reference_type

scores

value	0.1586
scoring_system	epss
scoring_elements	0.94712
published_at	2026-04-01T12:55:00Z

value	0.1586
scoring_system	epss
scoring_elements	0.94724
published_at	2026-04-04T12:55:00Z

value	0.1586
scoring_system	epss
scoring_elements	0.9472
published_at	2026-04-02T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95857
published_at	2026-04-08T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.9586
published_at	2026-04-09T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95863
published_at	2026-04-12T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95848
published_at	2026-04-07T12:55:00Z

value	0.22712
scoring_system	epss
scoring_elements	0.95864
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20294

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20294
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20294

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1943533
reference_id	1943533
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1943533

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2021-20294

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vepg-jnnm-97d7

url VCID-xrpd-jdfr-ebeq

vulnerability_id VCID-xrpd-jdfr-ebeq

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3487.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3487.json

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1947111
reference_id	1947111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1947111

reference_url

reference_id

AVG-1385

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3530.json

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

reference_url	https://usn.ubuntu.com/5124-1/
reference_id	USN-5124-1
reference_type
scores
url	https://usn.ubuntu.com/5124-1/

reference_url	https://usn.ubuntu.com/5341-1/
reference_id	USN-5341-1
reference_type
scores
url	https://usn.ubuntu.com/5341-1/

fixed_packages

url	pkg:alpm/archlinux/binutils@2.36-1
purl	pkg:alpm/archlinux/binutils@2.36-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

aliases CVE-2021-3487

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xrpd-jdfr-ebeq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36-1

pkg:alpm/archlinux/binutils@2.36.1-3

alpm

archlinux

binutils

2.36.1-3

true

2.37-1

2.38-1

url VCID-4uea-bxbr-2kdz

vulnerability_id VCID-4uea-bxbr-2kdz

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3530.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3530

reference_id

reference_type

scores

value	0.00354
scoring_system	epss
scoring_elements	0.57639
published_at	2026-04-01T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.5775
published_at	2026-04-13T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57791
published_at	2026-04-11T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.5777
published_at	2026-04-12T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57724
published_at	2026-04-02T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57745
published_at	2026-04-04T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57719
published_at	2026-04-07T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57774
published_at	2026-04-08T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57776
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3530

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3530
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3530

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956423
reference_id	1956423
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956423

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-3530

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4uea-bxbr-2kdz

url VCID-cafq-79j3-uue5

vulnerability_id VCID-cafq-79j3-uue5

summary binutils: infinite loop while demangling rust symbols

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3648.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3648.json

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1982320
reference_id	1982320
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1982320

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3549.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-3648

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cafq-79j3-uue5

url VCID-uv5p-15z7-fqcn

vulnerability_id VCID-uv5p-15z7-fqcn

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3549

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.41213
published_at	2026-04-01T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41259
published_at	2026-04-07T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41307
published_at	2026-04-02T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41335
published_at	2026-04-04T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.5717
published_at	2026-04-09T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57182
published_at	2026-04-11T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57161
published_at	2026-04-12T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57168
published_at	2026-04-08T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57141
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3549

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1960717
reference_id	1960717
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1960717

reference_url

reference_id

AVG-2002

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20197.json

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.37-1
purl	pkg:alpm/archlinux/binutils@2.37-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.37-1

aliases CVE-2021-3549

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv5p-15z7-fqcn

url VCID-znqk-35mz-dqfk

vulnerability_id VCID-znqk-35mz-dqfk

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20197

reference_id

reference_type

scores

value	0.00115
scoring_system	epss
scoring_elements	0.30284
published_at	2026-04-01T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30186
published_at	2026-04-13T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30313
published_at	2026-04-02T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30361
published_at	2026-04-04T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30177
published_at	2026-04-07T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30238
published_at	2026-04-08T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30272
published_at	2026-04-09T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30275
published_at	2026-04-11T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30232
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1913743

reference_id

1913743

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1913743

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

GLSA-202208-30

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://security.netapp.com/advisory/ntap-20210528-0009/

reference_url

reference_id

ntap-20210528-0009

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://security.netapp.com/advisory/ntap-20210528-0009/

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=26945

reference_id

show_bug.cgi?id=26945

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=26945

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-20197

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znqk-35mz-dqfk

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.36.1-3

pkg:alpm/archlinux/binutils@2.37-1

alpm

archlinux

binutils

2.37-1

false

2.38-1

url VCID-uv5p-15z7-fqcn

vulnerability_id VCID-uv5p-15z7-fqcn

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3549.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3549

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.41213
published_at	2026-04-01T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41259
published_at	2026-04-07T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41307
published_at	2026-04-02T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41335
published_at	2026-04-04T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.5717
published_at	2026-04-09T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57182
published_at	2026-04-11T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57161
published_at	2026-04-12T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57168
published_at	2026-04-08T12:55:00Z

value	0.00346
scoring_system	epss
scoring_elements	0.57141
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3549

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1960717
reference_id	1960717
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1960717

reference_url

reference_id

AVG-2002

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3530.json

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.37-1
purl	pkg:alpm/archlinux/binutils@2.37-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.37-1

aliases CVE-2021-3549

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv5p-15z7-fqcn

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.37-1

pkg:alpm/archlinux/binutils@2.38-1

alpm

archlinux

binutils

2.38-1

false

null

url VCID-4uea-bxbr-2kdz

vulnerability_id VCID-4uea-bxbr-2kdz

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3530.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3530

reference_id

reference_type

scores

value	0.00354
scoring_system	epss
scoring_elements	0.57639
published_at	2026-04-01T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.5775
published_at	2026-04-13T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57791
published_at	2026-04-11T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.5777
published_at	2026-04-12T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57724
published_at	2026-04-02T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57745
published_at	2026-04-04T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57719
published_at	2026-04-07T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57774
published_at	2026-04-08T12:55:00Z

value	0.00354
scoring_system	epss
scoring_elements	0.57776
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3530

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3530
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3530

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956423
reference_id	1956423
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956423

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.gentoo.org/glsa/202208-30
reference_id	GLSA-202208-30
reference_type
scores
url	https://security.gentoo.org/glsa/202208-30

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-3530

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4uea-bxbr-2kdz

url VCID-cafq-79j3-uue5

vulnerability_id VCID-cafq-79j3-uue5

summary binutils: infinite loop while demangling rust symbols

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3648.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3648.json

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1982320
reference_id	1982320
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1982320

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20197.json

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-3648

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cafq-79j3-uue5

url VCID-znqk-35mz-dqfk

vulnerability_id VCID-znqk-35mz-dqfk

summary Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20197

reference_id

reference_type

scores

value	0.00115
scoring_system	epss
scoring_elements	0.30284
published_at	2026-04-01T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30186
published_at	2026-04-13T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30313
published_at	2026-04-02T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30361
published_at	2026-04-04T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30177
published_at	2026-04-07T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30238
published_at	2026-04-08T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30272
published_at	2026-04-09T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30275
published_at	2026-04-11T12:55:00Z

value	0.00115
scoring_system	epss
scoring_elements	0.30232
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1913743

reference_id

1913743

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1913743

reference_url

reference_id

AVG-1540

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

GLSA-202208-30

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://security.netapp.com/advisory/ntap-20210528-0009/

reference_url

reference_id

ntap-20210528-0009

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://security.netapp.com/advisory/ntap-20210528-0009/

reference_url	https://access.redhat.com/errata/RHSA-2021:4364
reference_id	RHSA-2021:4364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4364

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=26945

reference_id

show_bug.cgi?id=26945

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:08:08Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=26945

fixed_packages

url	pkg:alpm/archlinux/binutils@2.38-1
purl	pkg:alpm/archlinux/binutils@2.38-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

aliases CVE-2021-20197

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znqk-35mz-dqfk

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.38-1

pkg:alpm/archlinux/bitcoin-daemon@22.0-1

alpm

archlinux

bitcoin-daemon

22.0-1

true

null

url

VCID-573d-byea-r7cg

vulnerability_id

VCID-573d-byea-r7cg

summary

bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented dumpwallet restrictions

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3195

reference_id

reference_type

scores

value	0.00266
scoring_system	epss
scoring_elements	0.5006
published_at	2026-04-13T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.5001
published_at	2026-04-01T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50048
published_at	2026-04-02T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50076
published_at	2026-04-04T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50026
published_at	2026-04-07T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50081
published_at	2026-04-08T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50074
published_at	2026-04-09T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50091
published_at	2026-04-11T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50064
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3195

reference_url

reference_id

AVG-1486

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

http://public2.vulnerablecode.io/vulnerabilities/VCID-573d-byea-r7cg

fixed_packages

aliases

CVE-2021-3195

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

url

VCID-9g6t-dcaz-1kh3

vulnerability_id

VCID-9g6t-dcaz-1kh3

summary

Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with nSequence = 0xff_ff_ff_ff, spending an unconfirmed parent with nSequence <= 0xff_ff_ff_fd, should be replaceable because there is inherited signaling by the child transaction. However, the actual PreChecks implementation does not enforce this. Instead, mempool rejects the replacement attempt of the unconfirmed child transaction.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-31876

reference_id

reference_type

scores

value	0.00487
scoring_system	epss
scoring_elements	0.65409
published_at	2026-04-13T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.6533
published_at	2026-04-01T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65378
published_at	2026-04-02T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65405
published_at	2026-04-04T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65368
published_at	2026-04-07T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65421
published_at	2026-04-08T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65432
published_at	2026-04-09T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65451
published_at	2026-04-11T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65437
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-31876

reference_url

reference_id

AVG-1486

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

http://public2.vulnerablecode.io/vulnerabilities/VCID-9g6t-dcaz-1kh3

fixed_packages

aliases

CVE-2021-31876

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-daemon@22.0-1

pkg:alpm/archlinux/bitcoin-qt@0.16.2-2

alpm

archlinux

bitcoin-qt

0.16.2-2

true

0.16.3-1

url VCID-mxhd-tkw3-vfd1

vulnerability_id VCID-mxhd-tkw3-vfd1

summary Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

reference_id

reference_type

scores

value	0.51467
scoring_system	epss
scoring_elements	0.97889
published_at	2026-04-13T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97877
published_at	2026-04-07T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97881
published_at	2026-04-08T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97884
published_at	2026-04-09T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97887
published_at	2026-04-11T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97888
published_at	2026-04-12T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97957
published_at	2026-04-01T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.9796
published_at	2026-04-02T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97962
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.archlinux.org/ASA-201809-1
reference_id	ASA-201809-1
reference_type
scores
url	https://security.archlinux.org/ASA-201809-1

reference_url	https://security.archlinux.org/ASA-201809-2
reference_id	ASA-201809-2
reference_type
scores
url	https://security.archlinux.org/ASA-201809-2

reference_url

reference_id

AVG-766

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-768

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

fixed_packages

url	pkg:alpm/archlinux/bitcoin-qt@0.16.3-1
purl	pkg:alpm/archlinux/bitcoin-qt@0.16.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-qt@0.16.3-1

aliases CVE-2018-17144

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxhd-tkw3-vfd1

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-qt@0.16.2-2

pkg:alpm/archlinux/bitcoin-qt@0.16.3-1

alpm

archlinux

bitcoin-qt

0.16.3-1

false

null

url VCID-mxhd-tkw3-vfd1

vulnerability_id VCID-mxhd-tkw3-vfd1

references

reference_url

reference_id

reference_type

scores

value	0.51467
scoring_system	epss
scoring_elements	0.97889
published_at	2026-04-13T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97877
published_at	2026-04-07T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97881
published_at	2026-04-08T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97884
published_at	2026-04-09T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97887
published_at	2026-04-11T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97888
published_at	2026-04-12T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97957
published_at	2026-04-01T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.9796
published_at	2026-04-02T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97962
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.archlinux.org/ASA-201809-1
reference_id	ASA-201809-1
reference_type
scores
url	https://security.archlinux.org/ASA-201809-1

reference_url	https://security.archlinux.org/ASA-201809-2
reference_id	ASA-201809-2
reference_type
scores
url	https://security.archlinux.org/ASA-201809-2

reference_url

reference_id

AVG-766

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-768

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

fixed_packages

url	pkg:alpm/archlinux/bitcoin-qt@0.16.3-1
purl	pkg:alpm/archlinux/bitcoin-qt@0.16.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-qt@0.16.3-1

aliases CVE-2018-17144

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxhd-tkw3-vfd1

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-qt@0.16.3-1

pkg:alpm/archlinux/bitcoin-tx@0.16.2-2

alpm

archlinux

bitcoin-tx

0.16.2-2

true

0.16.3-1

url VCID-mxhd-tkw3-vfd1

vulnerability_id VCID-mxhd-tkw3-vfd1

references

reference_url

reference_id

reference_type

scores

value	0.51467
scoring_system	epss
scoring_elements	0.97889
published_at	2026-04-13T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97877
published_at	2026-04-07T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97881
published_at	2026-04-08T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97884
published_at	2026-04-09T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97887
published_at	2026-04-11T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97888
published_at	2026-04-12T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97957
published_at	2026-04-01T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.9796
published_at	2026-04-02T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97962
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.archlinux.org/ASA-201809-1
reference_id	ASA-201809-1
reference_type
scores
url	https://security.archlinux.org/ASA-201809-1

reference_url	https://security.archlinux.org/ASA-201809-2
reference_id	ASA-201809-2
reference_type
scores
url	https://security.archlinux.org/ASA-201809-2

reference_url

reference_id

AVG-766

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-768

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

fixed_packages

url	pkg:alpm/archlinux/bitcoin-tx@0.16.3-1
purl	pkg:alpm/archlinux/bitcoin-tx@0.16.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-tx@0.16.3-1

aliases CVE-2018-17144

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxhd-tkw3-vfd1

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-tx@0.16.2-2

pkg:alpm/archlinux/bitcoin-tx@0.16.3-1

alpm

archlinux

bitcoin-tx

0.16.3-1

false

null

url VCID-mxhd-tkw3-vfd1

vulnerability_id VCID-mxhd-tkw3-vfd1

references

reference_url

reference_id

reference_type

scores

value	0.51467
scoring_system	epss
scoring_elements	0.97889
published_at	2026-04-13T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97877
published_at	2026-04-07T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97881
published_at	2026-04-08T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97884
published_at	2026-04-09T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97887
published_at	2026-04-11T12:55:00Z

value	0.51467
scoring_system	epss
scoring_elements	0.97888
published_at	2026-04-12T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97957
published_at	2026-04-01T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.9796
published_at	2026-04-02T12:55:00Z

value	0.53268
scoring_system	epss
scoring_elements	0.97962
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17144

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.archlinux.org/ASA-201809-1
reference_id	ASA-201809-1
reference_type
scores
url	https://security.archlinux.org/ASA-201809-1

reference_url	https://security.archlinux.org/ASA-201809-2
reference_id	ASA-201809-2
reference_type
scores
url	https://security.archlinux.org/ASA-201809-2

reference_url

reference_id

AVG-766

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-768

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0546

fixed_packages

url	pkg:alpm/archlinux/bitcoin-tx@0.16.3-1
purl	pkg:alpm/archlinux/bitcoin-tx@0.16.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-tx@0.16.3-1

aliases CVE-2018-17144

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxhd-tkw3-vfd1

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bitcoin-tx@0.16.3-1

pkg:alpm/archlinux/blender@17:3.0.1-6

alpm

archlinux

blender

17:3.0.1-6

true

17:3.1.0-1

url VCID-3feg-t1sc-puhk

vulnerability_id VCID-3feg-t1sc-puhk

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00503
scoring_system	epss
scoring_elements	0.66082
published_at	2026-04-13T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66112
published_at	2026-04-12T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66148
published_at	2026-04-04T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66116
published_at	2026-04-07T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66079
published_at	2026-04-01T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66178
published_at	2026-04-09T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66197
published_at	2026-04-11T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66165
published_at	2026-04-08T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66121
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0545

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0546

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3feg-t1sc-puhk

url VCID-anrz-grzm-bued

vulnerability_id VCID-anrz-grzm-bued

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00375
scoring_system	epss
scoring_elements	0.59111
published_at	2026-04-13T12:55:00Z

value	0.00375
scoring_system	epss
scoring_elements	0.5913
published_at	2026-04-12T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.5916
published_at	2026-04-04T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59124
published_at	2026-04-07T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59063
published_at	2026-04-01T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59188
published_at	2026-04-09T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59208
published_at	2026-04-11T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59175
published_at	2026-04-08T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59136
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0544

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0545

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anrz-grzm-bued

url VCID-qsqj-j8s1-6qfq

vulnerability_id VCID-qsqj-j8s1-6qfq

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33991
published_at	2026-04-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33811
published_at	2026-04-01T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34149
published_at	2026-04-02T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34181
published_at	2026-04-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34041
published_at	2026-04-07T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34084
published_at	2026-04-08T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34115
published_at	2026-04-09T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34113
published_at	2026-04-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34014
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0546

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0544

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsqj-j8s1-6qfq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.0.1-6

pkg:alpm/archlinux/blender@17:3.1.0-1

alpm

archlinux

blender

17:3.1.0-1

false

null

url VCID-3feg-t1sc-puhk

vulnerability_id VCID-3feg-t1sc-puhk

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00503
scoring_system	epss
scoring_elements	0.66082
published_at	2026-04-13T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66112
published_at	2026-04-12T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66148
published_at	2026-04-04T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66116
published_at	2026-04-07T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66079
published_at	2026-04-01T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66178
published_at	2026-04-09T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66197
published_at	2026-04-11T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66165
published_at	2026-04-08T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66121
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0545

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0546

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3feg-t1sc-puhk

url VCID-anrz-grzm-bued

vulnerability_id VCID-anrz-grzm-bued

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00375
scoring_system	epss
scoring_elements	0.59111
published_at	2026-04-13T12:55:00Z

value	0.00375
scoring_system	epss
scoring_elements	0.5913
published_at	2026-04-12T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.5916
published_at	2026-04-04T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59124
published_at	2026-04-07T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59063
published_at	2026-04-01T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59188
published_at	2026-04-09T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59208
published_at	2026-04-11T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59175
published_at	2026-04-08T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59136
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0544

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0545

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anrz-grzm-bued

url VCID-qsqj-j8s1-6qfq

vulnerability_id VCID-qsqj-j8s1-6qfq

summary Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33991
published_at	2026-04-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33811
published_at	2026-04-01T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34149
published_at	2026-04-02T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34181
published_at	2026-04-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34041
published_at	2026-04-07T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34084
published_at	2026-04-08T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34115
published_at	2026-04-09T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34113
published_at	2026-04-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34014
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0546

reference_url

reference_id

AVG-2799

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15238

reference_url	https://security.gentoo.org/glsa/202403-02
reference_id	GLSA-202403-02
reference_type
scores
url	https://security.gentoo.org/glsa/202403-02

fixed_packages

url	pkg:alpm/archlinux/blender@17:3.1.0-1
purl	pkg:alpm/archlinux/blender@17:3.1.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

aliases CVE-2022-0544

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsqj-j8s1-6qfq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blender@17:3.1.0-1

pkg:alpm/archlinux/blueman@2.1.3-1

alpm

archlinux

blueman

2.1.3-1

true

2.1.4-1

url VCID-jgqj-mqt7-vucy

vulnerability_id VCID-jgqj-mqt7-vucy

summary

A privilege escalation vulnerability has been discovered in
    Blueman.

references

reference_url

reference_id

reference_type

scores

value	0.00451
scoring_system	epss
scoring_elements	0.63697
published_at	2026-04-13T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63616
published_at	2026-04-01T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63676
published_at	2026-04-02T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63702
published_at	2026-04-04T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63662
published_at	2026-04-07T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63714
published_at	2026-04-08T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.6373
published_at	2026-04-09T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63745
published_at	2026-04-11T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63731
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973718
reference_id	973718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973718

reference_url	https://security.archlinux.org/ASA-202012-12
reference_id	ASA-202012-12
reference_type
scores
url	https://security.archlinux.org/ASA-202012-12

reference_url

reference_id

AVG-1259

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15238

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/48963.txt
reference_id	CVE-2020-15238
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/48963.txt

reference_url	https://security.gentoo.org/glsa/202011-11
reference_id	GLSA-202011-11
reference_type
scores
url	https://security.gentoo.org/glsa/202011-11

reference_url	https://usn.ubuntu.com/4605-1/
reference_id	USN-4605-1
reference_type
scores
url	https://usn.ubuntu.com/4605-1/

fixed_packages

url	pkg:alpm/archlinux/blueman@2.1.4-1
purl	pkg:alpm/archlinux/blueman@2.1.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blueman@2.1.4-1

aliases CVE-2020-15238

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jgqj-mqt7-vucy

10.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blueman@2.1.3-1

pkg:alpm/archlinux/blueman@2.1.4-1

alpm

archlinux

blueman

2.1.4-1

false

null

url VCID-jgqj-mqt7-vucy

vulnerability_id VCID-jgqj-mqt7-vucy

summary

A privilege escalation vulnerability has been discovered in
    Blueman.

references

reference_url

reference_id

reference_type

scores

value	0.00451
scoring_system	epss
scoring_elements	0.63697
published_at	2026-04-13T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63616
published_at	2026-04-01T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63676
published_at	2026-04-02T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63702
published_at	2026-04-04T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63662
published_at	2026-04-07T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63714
published_at	2026-04-08T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.6373
published_at	2026-04-09T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63745
published_at	2026-04-11T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63731
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973718
reference_id	973718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973718

reference_url	https://security.archlinux.org/ASA-202012-12
reference_id	ASA-202012-12
reference_type
scores
url	https://security.archlinux.org/ASA-202012-12

reference_url

reference_id

AVG-1259

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000250.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/48963.txt
reference_id	CVE-2020-15238
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/48963.txt

reference_url	https://security.gentoo.org/glsa/202011-11
reference_id	GLSA-202011-11
reference_type
scores
url	https://security.gentoo.org/glsa/202011-11

reference_url	https://usn.ubuntu.com/4605-1/
reference_id	USN-4605-1
reference_type
scores
url	https://usn.ubuntu.com/4605-1/

fixed_packages

url	pkg:alpm/archlinux/blueman@2.1.4-1
purl	pkg:alpm/archlinux/blueman@2.1.4-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blueman@2.1.4-1

aliases CVE-2020-15238

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jgqj-mqt7-vucy

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/blueman@2.1.4-1

pkg:alpm/archlinux/bluez@5.46-1

alpm

archlinux

bluez

5.46-1

true

5.46-2

5.63-1

url VCID-yrc6-qjud-zqaf

vulnerability_id VCID-yrc6-qjud-zqaf

summary security update

references

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000250.json

reference_url	https://access.redhat.com/security/cve/CVE-2017-1000250
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/CVE-2017-1000250

reference_url	https://access.redhat.com/security/vulnerabilities/blueborne
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/blueborne

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000250

reference_id

reference_type

scores

value	0.36932
scoring_system	epss
scoring_elements	0.97124
published_at	2026-04-01T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97153
published_at	2026-04-13T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97136
published_at	2026-04-04T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97137
published_at	2026-04-07T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97147
published_at	2026-04-09T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97151
published_at	2026-04-11T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97152
published_at	2026-04-12T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.9713
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.armis.com/blueborne
reference_id
reference_type
scores
url	https://www.armis.com/blueborne

reference_url	https://www.kb.cert.org/vuls/id/240311
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/240311

reference_url	https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne

reference_url	http://www.debian.org/security/2017/dsa-3972
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3972

reference_url	http://www.securityfocus.com/bid/100814
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100814

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1489446
reference_id	1489446
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1489446

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875633
reference_id	875633
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875633

reference_url	https://security.archlinux.org/ASA-201709-3
reference_id	ASA-201709-3
reference_type
scores
url	https://security.archlinux.org/ASA-201709-3

reference_url

reference_id

AVG-396

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::
reference_id	cpe:2.3:a:bluez:bluez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::

reference_url

reference_id

CVE-2017-1000250

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000250.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2685
reference_id	RHSA-2017:2685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2685

reference_url	https://usn.ubuntu.com/3413-1/
reference_id	USN-3413-1
reference_type
scores
url	https://usn.ubuntu.com/3413-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.46-2
purl	pkg:alpm/archlinux/bluez@5.46-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.46-2

aliases CVE-2017-1000250

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrc6-qjud-zqaf

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.46-1

pkg:alpm/archlinux/bluez@5.46-2

alpm

archlinux

bluez

5.46-2

false

5.54-1

5.63-1

url VCID-yrc6-qjud-zqaf

vulnerability_id VCID-yrc6-qjud-zqaf

summary security update

references

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000250.json

reference_url	https://access.redhat.com/security/cve/CVE-2017-1000250
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/CVE-2017-1000250

reference_url	https://access.redhat.com/security/vulnerabilities/blueborne
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/blueborne

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000250

reference_id

reference_type

scores

value	0.36932
scoring_system	epss
scoring_elements	0.97124
published_at	2026-04-01T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97153
published_at	2026-04-13T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97136
published_at	2026-04-04T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97137
published_at	2026-04-07T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97147
published_at	2026-04-09T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97151
published_at	2026-04-11T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.97152
published_at	2026-04-12T12:55:00Z

value	0.36932
scoring_system	epss
scoring_elements	0.9713
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000250

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:N

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.armis.com/blueborne
reference_id
reference_type
scores
url	https://www.armis.com/blueborne

reference_url	https://www.kb.cert.org/vuls/id/240311
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/240311

reference_url	https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne

reference_url	http://www.debian.org/security/2017/dsa-3972
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3972

reference_url	http://www.securityfocus.com/bid/100814
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100814

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1489446
reference_id	1489446
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1489446

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875633
reference_id	875633
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875633

reference_url	https://security.archlinux.org/ASA-201709-3
reference_id	ASA-201709-3
reference_type
scores
url	https://security.archlinux.org/ASA-201709-3

reference_url

reference_id

AVG-396

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::
reference_id	cpe:2.3:a:bluez:bluez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::

reference_url

reference_id

CVE-2017-1000250

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0556.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2685
reference_id	RHSA-2017:2685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2685

reference_url	https://usn.ubuntu.com/3413-1/
reference_id	USN-3413-1
reference_type
scores
url	https://usn.ubuntu.com/3413-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.46-2
purl	pkg:alpm/archlinux/bluez@5.46-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.46-2

aliases CVE-2017-1000250

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrc6-qjud-zqaf

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.46-2

pkg:alpm/archlinux/bluez@5.53-1

alpm

archlinux

bluez

5.53-1

true

5.54-1

5.63-1

url VCID-zyyf-565p-h7d6

vulnerability_id VCID-zyyf-565p-h7d6

summary

A vulnerability in BlueZ might allow remote attackers to bypass
    security restrictions.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0556.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0556

reference_id

reference_type

scores

value	0.00161
scoring_system	epss
scoring_elements	0.36955
published_at	2026-04-01T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37002
published_at	2026-04-13T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37041
published_at	2026-04-08T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37053
published_at	2026-04-09T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37063
published_at	2026-04-11T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37029
published_at	2026-04-12T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37128
published_at	2026-04-02T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.3716
published_at	2026-04-04T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.3699
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0556

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0556
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0556

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html

reference_url	https://www.debian.org/security/2020/dsa-4647
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4647

reference_url	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
reference_id
reference_type
scores
url	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1814293
reference_id	1814293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1814293

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953770
reference_id	953770
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953770

reference_url	https://security.archlinux.org/ASA-202003-13
reference_id	ASA-202003-13
reference_type
scores
url	https://security.archlinux.org/ASA-202003-13

reference_url

reference_id

AVG-1116

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::
reference_id	cpe:2.3:a:bluez:bluez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:::::::*

reference_url

reference_id

CVE-2020-0556

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:P/I:P/A:P

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0556.json

reference_url	https://security.gentoo.org/glsa/202003-49
reference_id	GLSA-202003-49
reference_type
scores
url	https://security.gentoo.org/glsa/202003-49

reference_url	https://access.redhat.com/errata/RHSA-2020:4001
reference_id	RHSA-2020:4001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4001

reference_url	https://access.redhat.com/errata/RHSA-2020:4481
reference_id	RHSA-2020:4481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4481

reference_url	https://usn.ubuntu.com/4311-1/
reference_id	USN-4311-1
reference_type
scores
url	https://usn.ubuntu.com/4311-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.54-1
purl	pkg:alpm/archlinux/bluez@5.54-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.54-1

aliases CVE-2020-0556

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyyf-565p-h7d6

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.53-1

pkg:alpm/archlinux/bluez@5.54-1

alpm

archlinux

bluez

5.54-1

false

5.56-1

5.63-1

url VCID-zyyf-565p-h7d6

vulnerability_id VCID-zyyf-565p-h7d6

summary

A vulnerability in BlueZ might allow remote attackers to bypass
    security restrictions.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0556.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0556

reference_id

reference_type

scores

value	0.00161
scoring_system	epss
scoring_elements	0.36955
published_at	2026-04-01T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37002
published_at	2026-04-13T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37041
published_at	2026-04-08T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37053
published_at	2026-04-09T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37063
published_at	2026-04-11T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37029
published_at	2026-04-12T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.37128
published_at	2026-04-02T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.3716
published_at	2026-04-04T12:55:00Z

value	0.00161
scoring_system	epss
scoring_elements	0.3699
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0556

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0556
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0556

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html

reference_url	https://www.debian.org/security/2020/dsa-4647
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4647

reference_url	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
reference_id
reference_type
scores
url	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1814293
reference_id	1814293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1814293

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953770
reference_id	953770
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953770

reference_url	https://security.archlinux.org/ASA-202003-13
reference_id	ASA-202003-13
reference_type
scores
url	https://security.archlinux.org/ASA-202003-13

reference_url

reference_id

AVG-1116

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::
reference_id	cpe:2.3:a:bluez:bluez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bluez:bluez::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.2:::::::*

reference_url

reference_id

CVE-2020-0556

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:P/I:P/A:P

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3588.json

reference_url	https://security.gentoo.org/glsa/202003-49
reference_id	GLSA-202003-49
reference_type
scores
url	https://security.gentoo.org/glsa/202003-49

reference_url	https://access.redhat.com/errata/RHSA-2020:4001
reference_id	RHSA-2020:4001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4001

reference_url	https://access.redhat.com/errata/RHSA-2020:4481
reference_id	RHSA-2020:4481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4481

reference_url	https://usn.ubuntu.com/4311-1/
reference_id	USN-4311-1
reference_type
scores
url	https://usn.ubuntu.com/4311-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.54-1
purl	pkg:alpm/archlinux/bluez@5.54-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.54-1

aliases CVE-2020-0556

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zyyf-565p-h7d6

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.54-1

pkg:alpm/archlinux/bluez@5.55-3

alpm

archlinux

bluez

5.55-3

true

5.56-1

5.63-1

url VCID-6d8c-y2y7-t3cj

vulnerability_id VCID-6d8c-y2y7-t3cj

summary Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3588.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3588

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.31148
published_at	2026-04-01T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31139
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31226
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31182
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31276
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31317
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31137
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.3119
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31221
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3588

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1970592
reference_id	1970592
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1970592

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989700
reference_id	989700
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989700

reference_url

reference_id

AVG-2061

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3588.json

reference_url	https://security.gentoo.org/glsa/202209-16
reference_id	GLSA-202209-16
reference_type
scores
url	https://security.gentoo.org/glsa/202209-16

reference_url	https://usn.ubuntu.com/4989-1/
reference_id	USN-4989-1
reference_type
scores
url	https://usn.ubuntu.com/4989-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.56-1
purl	pkg:alpm/archlinux/bluez@5.56-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.56-1

aliases CVE-2021-3588

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6d8c-y2y7-t3cj

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.55-3

pkg:alpm/archlinux/bluez@5.56-1

alpm

archlinux

bluez

5.56-1

false

5.57-1

5.63-1

url VCID-6d8c-y2y7-t3cj

vulnerability_id VCID-6d8c-y2y7-t3cj

summary Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3588.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3588

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.31148
published_at	2026-04-01T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31139
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31226
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31182
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31276
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31317
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31137
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.3119
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31221
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3588

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1970592
reference_id	1970592
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1970592

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989700
reference_id	989700
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989700

reference_url

reference_id

AVG-2061

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26558.json

reference_url	https://security.gentoo.org/glsa/202209-16
reference_id	GLSA-202209-16
reference_type
scores
url	https://security.gentoo.org/glsa/202209-16

reference_url	https://usn.ubuntu.com/4989-1/
reference_id	USN-4989-1
reference_type
scores
url	https://usn.ubuntu.com/4989-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.56-1
purl	pkg:alpm/archlinux/bluez@5.56-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.56-1

aliases CVE-2021-3588

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6d8c-y2y7-t3cj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.56-1

pkg:alpm/archlinux/bluez@5.56-2

alpm

archlinux

bluez

5.56-2

true

5.57-1

5.63-1

url VCID-ctaf-8vuf-tqgg

vulnerability_id VCID-ctaf-8vuf-tqgg

summary Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-26558

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06206
published_at	2026-04-01T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06312
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06337
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06329
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06324
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0624
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06271
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0625
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06296
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-26558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27153
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27153

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0129

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1918602
reference_id	1918602
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1918602

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989614
reference_id	989614
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989614

reference_url

reference_id

AVG-2049

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2050

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26558.json

reference_url	https://security.gentoo.org/glsa/202209-16
reference_id	GLSA-202209-16
reference_type
scores
url	https://security.gentoo.org/glsa/202209-16

reference_url	https://access.redhat.com/errata/RHSA-2021:4432
reference_id	RHSA-2021:4432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4432

reference_url	https://usn.ubuntu.com/4989-1/
reference_id	USN-4989-1
reference_type
scores
url	https://usn.ubuntu.com/4989-1/

reference_url	https://usn.ubuntu.com/4989-2/
reference_id	USN-4989-2
reference_type
scores
url	https://usn.ubuntu.com/4989-2/

reference_url	https://usn.ubuntu.com/5017-1/
reference_id	USN-5017-1
reference_type
scores
url	https://usn.ubuntu.com/5017-1/

reference_url	https://usn.ubuntu.com/5018-1/
reference_id	USN-5018-1
reference_type
scores
url	https://usn.ubuntu.com/5018-1/

reference_url	https://usn.ubuntu.com/5046-1/
reference_id	USN-5046-1
reference_type
scores
url	https://usn.ubuntu.com/5046-1/

reference_url	https://usn.ubuntu.com/5050-1/
reference_id	USN-5050-1
reference_type
scores
url	https://usn.ubuntu.com/5050-1/

reference_url	https://usn.ubuntu.com/5299-1/
reference_id	USN-5299-1
reference_type
scores
url	https://usn.ubuntu.com/5299-1/

reference_url	https://usn.ubuntu.com/5343-1/
reference_id	USN-5343-1
reference_type
scores
url	https://usn.ubuntu.com/5343-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.57-1
purl	pkg:alpm/archlinux/bluez@5.57-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.57-1

aliases CVE-2020-26558

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ctaf-8vuf-tqgg

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.56-2

pkg:alpm/archlinux/bluez@5.57-1

alpm

archlinux

bluez

5.57-1

false

5.61-1

5.63-1

url VCID-ctaf-8vuf-tqgg

vulnerability_id VCID-ctaf-8vuf-tqgg

summary Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-26558

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06206
published_at	2026-04-01T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06312
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06337
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06329
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06324
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0624
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06271
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0625
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06296
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-26558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27153
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27153

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0129

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1918602
reference_id	1918602
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1918602

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989614
reference_id	989614
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989614

reference_url

reference_id

AVG-2049

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2050

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3658.json

reference_url	https://security.gentoo.org/glsa/202209-16
reference_id	GLSA-202209-16
reference_type
scores
url	https://security.gentoo.org/glsa/202209-16

reference_url	https://access.redhat.com/errata/RHSA-2021:4432
reference_id	RHSA-2021:4432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4432

reference_url	https://usn.ubuntu.com/4989-1/
reference_id	USN-4989-1
reference_type
scores
url	https://usn.ubuntu.com/4989-1/

reference_url	https://usn.ubuntu.com/4989-2/
reference_id	USN-4989-2
reference_type
scores
url	https://usn.ubuntu.com/4989-2/

reference_url	https://usn.ubuntu.com/5017-1/
reference_id	USN-5017-1
reference_type
scores
url	https://usn.ubuntu.com/5017-1/

reference_url	https://usn.ubuntu.com/5018-1/
reference_id	USN-5018-1
reference_type
scores
url	https://usn.ubuntu.com/5018-1/

reference_url	https://usn.ubuntu.com/5046-1/
reference_id	USN-5046-1
reference_type
scores
url	https://usn.ubuntu.com/5046-1/

reference_url	https://usn.ubuntu.com/5050-1/
reference_id	USN-5050-1
reference_type
scores
url	https://usn.ubuntu.com/5050-1/

reference_url	https://usn.ubuntu.com/5299-1/
reference_id	USN-5299-1
reference_type
scores
url	https://usn.ubuntu.com/5299-1/

reference_url	https://usn.ubuntu.com/5343-1/
reference_id	USN-5343-1
reference_type
scores
url	https://usn.ubuntu.com/5343-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.57-1
purl	pkg:alpm/archlinux/bluez@5.57-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.57-1

aliases CVE-2020-26558

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ctaf-8vuf-tqgg

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.57-1

pkg:alpm/archlinux/bluez@5.60-1

alpm

archlinux

bluez

5.60-1

true

5.61-1

5.63-1

url VCID-15pa-mh4x-13ch

vulnerability_id VCID-15pa-mh4x-13ch

summary bluez: adapter incorrectly restores Discoverable state after powered down

references

reference_url

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3658.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3658

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22114
published_at	2026-04-01T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22155
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22256
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22215
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22273
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22315
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22101
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22183
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22237
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3658

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3658
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3658

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1984728
reference_id	1984728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1984728

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991596
reference_id	991596
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991596

reference_url

reference_id

AVG-2231

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3658.json

reference_url	https://usn.ubuntu.com/5155-1/
reference_id	USN-5155-1
reference_type
scores
url	https://usn.ubuntu.com/5155-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.61-1
purl	pkg:alpm/archlinux/bluez@5.61-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.61-1

aliases CVE-2021-3658

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15pa-mh4x-13ch

2.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.60-1

pkg:alpm/archlinux/bluez@5.61-1

alpm

archlinux

bluez

5.61-1

false

5.63-1

url VCID-15pa-mh4x-13ch

vulnerability_id VCID-15pa-mh4x-13ch

summary bluez: adapter incorrectly restores Discoverable state after powered down

references

reference_url

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3658.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3658

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22114
published_at	2026-04-01T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22155
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22256
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22215
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22273
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22315
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22101
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22183
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22237
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3658

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3658
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3658

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1984728
reference_id	1984728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1984728

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991596
reference_id	991596
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991596

reference_url

reference_id

AVG-2231

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41229.json

reference_url	https://usn.ubuntu.com/5155-1/
reference_id	USN-5155-1
reference_type
scores
url	https://usn.ubuntu.com/5155-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.61-1
purl	pkg:alpm/archlinux/bluez@5.61-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.61-1

aliases CVE-2021-3658

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15pa-mh4x-13ch

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.61-1

pkg:alpm/archlinux/bluez@5.62-1

alpm

archlinux

bluez

5.62-1

true

5.63-1

url VCID-g2pd-d2mm-8fd3

vulnerability_id VCID-g2pd-d2mm-8fd3

summary bluez: memory leak in the SDP protocol

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41229.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-41229

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13504
published_at	2026-04-01T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13482
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13568
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1353
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13604
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13665
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13465
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13545
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13595
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-41229

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000262
reference_id	1000262
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000262

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2025034
reference_id	2025034
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2025034

reference_url

reference_id

AVG-2553

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41229.json

reference_url	https://access.redhat.com/errata/RHSA-2022:2081
reference_id	RHSA-2022:2081
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2081

reference_url	https://usn.ubuntu.com/5155-1/
reference_id	USN-5155-1
reference_type
scores
url	https://usn.ubuntu.com/5155-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.63-1
purl	pkg:alpm/archlinux/bluez@5.63-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.63-1

aliases CVE-2021-41229

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pd-d2mm-8fd3

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.62-1

pkg:alpm/archlinux/bluez@5.63-1

alpm

archlinux

bluez

5.63-1

false

null

url VCID-g2pd-d2mm-8fd3

vulnerability_id VCID-g2pd-d2mm-8fd3

summary bluez: memory leak in the SDP protocol

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41229.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-41229

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13504
published_at	2026-04-01T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13482
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13568
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1353
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13604
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13665
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13465
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13545
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13595
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-41229

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000262
reference_id	1000262
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000262

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2025034
reference_id	2025034
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2025034

reference_url

reference_id

AVG-2553

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14737

reference_url	https://access.redhat.com/errata/RHSA-2022:2081
reference_id	RHSA-2022:2081
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2081

reference_url	https://usn.ubuntu.com/5155-1/
reference_id	USN-5155-1
reference_type
scores
url	https://usn.ubuntu.com/5155-1/

fixed_packages

url	pkg:alpm/archlinux/bluez@5.63-1
purl	pkg:alpm/archlinux/bluez@5.63-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.63-1

aliases CVE-2021-41229

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pd-d2mm-8fd3

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bluez@5.63-1

pkg:alpm/archlinux/botan@2.2.0-1

alpm

archlinux

botan

2.2.0-1

true

2.3.0-1

2.18.2-1

url VCID-8nmu-s87y-wycj

vulnerability_id VCID-8nmu-s87y-wycj

summary A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.

references

reference_url

reference_id

reference_type

scores

value	0.00052
scoring_system	epss
scoring_elements	0.16167
published_at	2026-04-13T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16227
published_at	2026-04-08T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16293
published_at	2026-04-09T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16275
published_at	2026-04-11T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16235
published_at	2026-04-12T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16096
published_at	2026-04-01T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.1628
published_at	2026-04-02T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16341
published_at	2026-04-04T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16141
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14737

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:P/I:N/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/randombit/botan/issues/1222
reference_id
reference_type
scores
url	https://github.com/randombit/botan/issues/1222

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html

reference_url	https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai
reference_id
reference_type
scores
url	https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai

reference_url	https://security.archlinux.org/ASA-201710-17
reference_id	ASA-201710-17
reference_type
scores
url	https://security.archlinux.org/ASA-201710-17

reference_url

reference_id

AVG-416

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan::::::::
reference_id	cpe:2.3:a:botan_project:botan::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.1:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.10:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.11:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.12:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.13:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.14:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.15:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.16:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.17:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.18:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.19:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.2:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.20:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.21:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.22:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.23:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.24:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.25:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.26:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.27:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.28:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.3:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.33:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.34:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.34:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.34:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.4:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.5:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.6:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.7:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.8:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.9:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.1:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.1.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.2.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14737

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14737

fixed_packages

url	pkg:alpm/archlinux/botan@2.3.0-1
purl	pkg:alpm/archlinux/botan@2.3.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.3.0-1

aliases CVE-2017-14737

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nmu-s87y-wycj

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.2.0-1

pkg:alpm/archlinux/botan@2.3.0-1

alpm

archlinux

botan

2.3.0-1

false

2.18.2-1

url VCID-8nmu-s87y-wycj

vulnerability_id VCID-8nmu-s87y-wycj

references

reference_url

reference_id

reference_type

scores

value	0.00052
scoring_system	epss
scoring_elements	0.16167
published_at	2026-04-13T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16227
published_at	2026-04-08T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16293
published_at	2026-04-09T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16275
published_at	2026-04-11T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16235
published_at	2026-04-12T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16096
published_at	2026-04-01T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.1628
published_at	2026-04-02T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16341
published_at	2026-04-04T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16141
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14737

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:P/I:N/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/randombit/botan/issues/1222
reference_id
reference_type
scores
url	https://github.com/randombit/botan/issues/1222

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00006.html

reference_url	https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai
reference_id
reference_type
scores
url	https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-shuai

reference_url	https://security.archlinux.org/ASA-201710-17
reference_id	ASA-201710-17
reference_type
scores
url	https://security.archlinux.org/ASA-201710-17

reference_url

reference_id

AVG-416

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan::::::::
reference_id	cpe:2.3:a:botan_project:botan::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.1:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.10:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.11:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.12:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.13:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.14:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.15:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.16:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.17:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.18:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.19:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.2:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.20:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.21:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.22:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.23:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.24:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.25:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.26:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.27:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.28:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.3:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.33:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.34:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.34:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.34:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.4:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.5:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.6:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.7:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.8:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.9:::::::*
reference_id	cpe:2.3:a:botan_project:botan:1.11.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:1.11.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.1:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.1.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.2.0:::::::*
reference_id	cpe:2.3:a:botan_project:botan:2.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:botan_project:botan:2.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14737

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40529

fixed_packages

url	pkg:alpm/archlinux/botan@2.3.0-1
purl	pkg:alpm/archlinux/botan@2.3.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.3.0-1

aliases CVE-2017-14737

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nmu-s87y-wycj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.3.0-1

pkg:alpm/archlinux/botan@2.18.1-1

alpm

archlinux

botan

2.18.1-1

true

2.18.2-1

url VCID-xffg-w6fz-yqfj

vulnerability_id VCID-xffg-w6fz-yqfj

summary

Use of a Broken or Risky Cryptographic Algorithm
The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

references

reference_url

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53325
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53242
published_at	2026-04-01T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53265
published_at	2026-04-02T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53291
published_at	2026-04-04T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.5326
published_at	2026-04-07T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53312
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53307
published_at	2026-04-09T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53357
published_at	2026-04-11T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53341
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
reference_id	993840
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840

reference_url

reference_id

AVG-2362

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40529

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-40529
reference_id	CVE-2021-40529
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-40529

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

fixed_packages

url	pkg:alpm/archlinux/botan@2.18.2-1
purl	pkg:alpm/archlinux/botan@2.18.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.18.2-1

aliases CVE-2021-40529

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xffg-w6fz-yqfj

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.18.1-1

pkg:alpm/archlinux/botan@2.18.2-1

alpm

archlinux

botan

2.18.2-1

false

null

url VCID-xffg-w6fz-yqfj

vulnerability_id VCID-xffg-w6fz-yqfj

summary

Use of a Broken or Risky Cryptographic Algorithm
The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

references

reference_url

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53325
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53242
published_at	2026-04-01T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53265
published_at	2026-04-02T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53291
published_at	2026-04-04T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.5326
published_at	2026-04-07T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53312
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53307
published_at	2026-04-09T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53357
published_at	2026-04-11T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53341
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40529

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840
reference_id	993840
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993840

reference_url

reference_id

AVG-2362

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-40529
reference_id	CVE-2021-40529
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-40529

reference_url	https://security.gentoo.org/glsa/202208-14
reference_id	GLSA-202208-14
reference_type
scores
url	https://security.gentoo.org/glsa/202208-14

fixed_packages

url	pkg:alpm/archlinux/botan@2.18.2-1
purl	pkg:alpm/archlinux/botan@2.18.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.18.2-1

aliases CVE-2021-40529

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xffg-w6fz-yqfj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/botan@2.18.2-1

pkg:alpm/archlinux/brotli@1.0.7-1

alpm

archlinux

brotli

1.0.7-1

true

1.0.9-1

url VCID-69ua-s6h2-3uhc

vulnerability_id VCID-69ua-s6h2-3uhc

summary A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8927.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8927.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36846

reference_id

reference_type

scores

value	0.0054
scoring_system	epss
scoring_elements	0.67617
published_at	2026-04-13T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.6754
published_at	2026-04-01T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67576
published_at	2026-04-07T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67627
published_at	2026-04-08T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67598
published_at	2026-04-04T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.6764
published_at	2026-04-09T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67663
published_at	2026-04-11T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67649
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36846

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8927

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54138
published_at	2026-04-08T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54146
published_at	2026-04-13T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54167
published_at	2026-04-12T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54185
published_at	2026-04-11T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54135
published_at	2026-04-09T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54086
published_at	2026-04-07T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54112
published_at	2026-04-04T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54083
published_at	2026-04-02T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54065
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8927

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/785

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/785

reference_url

https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6

reference_url

https://github.com/google/brotli/releases/tag/v1.0.8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/brotli/releases/tag/v1.0.8

reference_url

https://github.com/google/brotli/releases/tag/v1.0.9

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/brotli/releases/tag/v1.0.9

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/brotli/PYSEC-2020-29.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/brotli/PYSEC-2020-29.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2020/12/msg00003.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/12/msg00003.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://rustsec.org/advisories/RUSTSEC-2021-0131.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2021-0131.html

reference_url

https://rustsec.org/advisories/RUSTSEC-2021-0132.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2021-0132.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4568-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4568-1/

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879225
reference_id	1879225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879225

reference_url

reference_id

826

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

reference_url	https://security.archlinux.org/ASA-202009-12
reference_id	ASA-202009-12
reference_type
scores
url	https://security.archlinux.org/ASA-202009-12

reference_url	https://security.archlinux.org/ASA-202009-13
reference_id	ASA-202009-13
reference_type
scores
url	https://security.archlinux.org/ASA-202009-13

reference_url

reference_id

AVG-1230

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1231

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52

reference_url

reference_id

Changes#L52

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52

reference_url

reference_id

GHSA-5v8v-66v8-mwm7

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html

reference_url	https://access.redhat.com/errata/RHSA-2021:1702
reference_id	RHSA-2021:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:0827
reference_id	RHSA-2022:0827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0827

reference_url	https://access.redhat.com/errata/RHSA-2022:0828
reference_id	RHSA-2022:0828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0828

reference_url	https://access.redhat.com/errata/RHSA-2022:0829
reference_id	RHSA-2022:0829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0829

reference_url	https://access.redhat.com/errata/RHSA-2022:0830
reference_id	RHSA-2022:0830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0830

fixed_packages

url	pkg:alpm/archlinux/brotli@1.0.9-1
purl	pkg:alpm/archlinux/brotli@1.0.9-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/brotli@1.0.9-1

aliases BIT-brotli-2020-8927, BIT-dotnet-2020-8927, BIT-dotnet-sdk-2020-8927, BIT-powershell-2020-8927, CVE-2020-36846, CVE-2020-8927, GHSA-5v8v-66v8-mwm7, GO-2025-3726, PYSEC-2020-29, RUSTSEC-2021-0131, RUSTSEC-2021-0132

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69ua-s6h2-3uhc

4.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/brotli@1.0.7-1

pkg:alpm/archlinux/brotli@1.0.9-1

alpm

archlinux

brotli

1.0.9-1

false

null

url VCID-69ua-s6h2-3uhc

vulnerability_id VCID-69ua-s6h2-3uhc

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8927.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8927.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36846

reference_id

reference_type

scores

value	0.0054
scoring_system	epss
scoring_elements	0.67617
published_at	2026-04-13T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.6754
published_at	2026-04-01T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67576
published_at	2026-04-07T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67627
published_at	2026-04-08T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67598
published_at	2026-04-04T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.6764
published_at	2026-04-09T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67663
published_at	2026-04-11T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.67649
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36846

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8927

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54138
published_at	2026-04-08T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54146
published_at	2026-04-13T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54167
published_at	2026-04-12T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54185
published_at	2026-04-11T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54135
published_at	2026-04-09T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54086
published_at	2026-04-07T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54112
published_at	2026-04-04T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54083
published_at	2026-04-02T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54065
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8927

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/785

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/issues/785

reference_url

https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6

reference_url

https://github.com/google/brotli/releases/tag/v1.0.8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/brotli/releases/tag/v1.0.8

reference_url

https://github.com/google/brotli/releases/tag/v1.0.9

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/brotli/releases/tag/v1.0.9

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/brotli/PYSEC-2020-29.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/brotli/PYSEC-2020-29.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2020/12/msg00003.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/12/msg00003.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/356JOYTWW4BWSZ42SEFLV7NYHL3S3AEH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4TOGTZ2ZWDH662ZNFFSZVL3M5AJXV6JF

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4E265WKWKYMK2RYYSIXBEGZTDY5IQE6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4VCDOJGL6BK3HB4XRD2WETBPYX2ITF6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBKACMLSRX7JJSKBTR35UOEP2WFR6QP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQLM7ABVCYJLF6JRPF3M3EBXW63GNC27

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W23CUADGMVMQQNFKHPHXVP7RPZJZNN6I/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW62OZEY2GHJL4JCOLJRBSRETXDHMWRK/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXEQ3GQVELA2T4HNZG7VPMS2HDVXMJRG

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://rustsec.org/advisories/RUSTSEC-2021-0131.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2021-0131.html

reference_url

https://rustsec.org/advisories/RUSTSEC-2021-0132.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://rustsec.org/advisories/RUSTSEC-2021-0132.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url	https://usn.ubuntu.com/4568-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4568-1/

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879225
reference_id	1879225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879225

reference_url

reference_id

826

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

reference_url	https://security.archlinux.org/ASA-202009-12
reference_id	ASA-202009-12
reference_type
scores
url	https://security.archlinux.org/ASA-202009-12

reference_url	https://security.archlinux.org/ASA-202009-13
reference_id	ASA-202009-13
reference_type
scores
url	https://security.archlinux.org/ASA-202009-13

reference_url

reference_id

AVG-1230

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1231

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52

reference_url

reference_id

Changes#L52

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52

reference_url

reference_id

GHSA-5v8v-66v8-mwm7

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-30T14:40:47Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16544.json

reference_url	https://access.redhat.com/errata/RHSA-2021:1702
reference_id	RHSA-2021:1702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1702

reference_url	https://access.redhat.com/errata/RHSA-2022:0827
reference_id	RHSA-2022:0827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0827

reference_url	https://access.redhat.com/errata/RHSA-2022:0828
reference_id	RHSA-2022:0828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0828

reference_url	https://access.redhat.com/errata/RHSA-2022:0829
reference_id	RHSA-2022:0829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0829

reference_url	https://access.redhat.com/errata/RHSA-2022:0830
reference_id	RHSA-2022:0830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0830

fixed_packages

url	pkg:alpm/archlinux/brotli@1.0.9-1
purl	pkg:alpm/archlinux/brotli@1.0.9-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/brotli@1.0.9-1

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69ua-s6h2-3uhc

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/brotli@1.0.9-1

pkg:alpm/archlinux/busybox@1.27.2-1

alpm

archlinux

busybox

1.27.2-1

true

1.28.1-1

1.34.1-1

url VCID-dktd-xqjr-h7h1

vulnerability_id VCID-dktd-xqjr-h7h1

summary

Multiple vulnerabilities have been found in BusyBox, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16544.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16544

reference_id

reference_type

scores

value	0.03313
scoring_system	epss
scoring_elements	0.87216
published_at	2026-04-02T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87206
published_at	2026-04-01T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87232
published_at	2026-04-04T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87229
published_at	2026-04-07T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87249
published_at	2026-04-08T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87256
published_at	2026-04-09T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87268
published_at	2026-04-11T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87263
published_at	2026-04-12T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87258
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16544

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515713
reference_id	1515713
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515713

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882258
reference_id	882258
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882258

reference_url	https://security.archlinux.org/ASA-201803-1
reference_id	ASA-201803-1
reference_type
scores
url	https://security.archlinux.org/ASA-201803-1

reference_url	https://security.archlinux.org/ASA-201803-2
reference_id	ASA-201803-2
reference_type
scores
url	https://security.archlinux.org/ASA-201803-2

reference_url

reference_id

AVG-512

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-514

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

reference_url

reference_id

cve-2017-16544-busybox-autocompletion-vulnerability

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

reference_url	https://security.gentoo.org/glsa/201803-12
reference_id	GLSA-201803-12
reference_type
scores
url	https://security.gentoo.org/glsa/201803-12

reference_url

https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

reference_id

icsa-20-240-01

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

reference_url

https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_id

?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_url

reference_id

USN-3935-1

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16544.json

fixed_packages

url	pkg:alpm/archlinux/busybox@1.28.1-1
purl	pkg:alpm/archlinux/busybox@1.28.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.28.1-1

aliases CVE-2017-16544

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dktd-xqjr-h7h1

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.27.2-1

pkg:alpm/archlinux/busybox@1.28.1-1

alpm

archlinux

busybox

1.28.1-1

false

1.32.1-4

1.34.1-1

url VCID-dktd-xqjr-h7h1

vulnerability_id VCID-dktd-xqjr-h7h1

summary

Multiple vulnerabilities have been found in BusyBox, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16544.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16544

reference_id

reference_type

scores

value	0.03313
scoring_system	epss
scoring_elements	0.87216
published_at	2026-04-02T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87206
published_at	2026-04-01T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87232
published_at	2026-04-04T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87229
published_at	2026-04-07T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87249
published_at	2026-04-08T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87256
published_at	2026-04-09T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87268
published_at	2026-04-11T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87263
published_at	2026-04-12T12:55:00Z

value	0.03313
scoring_system	epss
scoring_elements	0.87258
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16544

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515713
reference_id	1515713
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515713

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882258
reference_id	882258
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882258

reference_url	https://security.archlinux.org/ASA-201803-1
reference_id	ASA-201803-1
reference_type
scores
url	https://security.archlinux.org/ASA-201803-1

reference_url	https://security.archlinux.org/ASA-201803-2
reference_id	ASA-201803-2
reference_type
scores
url	https://security.archlinux.org/ASA-201803-2

reference_url

reference_id

AVG-512

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-514

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

reference_url

reference_id

cve-2017-16544-busybox-autocompletion-vulnerability

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://www.twistlock.com/2017/11/20/cve-2017-16544-busybox-autocompletion-vulnerability/

reference_url	https://security.gentoo.org/glsa/201803-12
reference_id	GLSA-201803-12
reference_type
scores
url	https://security.gentoo.org/glsa/201803-12

reference_url

https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

reference_id

icsa-20-240-01

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://us-cert.cisa.gov/ics/advisories/icsa-20-240-01

reference_url

https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_id

?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8

reference_url

reference_id

USN-3935-1

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:34:08Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

fixed_packages

url	pkg:alpm/archlinux/busybox@1.28.1-1
purl	pkg:alpm/archlinux/busybox@1.28.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.28.1-1

aliases CVE-2017-16544

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dktd-xqjr-h7h1

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.28.1-1

pkg:alpm/archlinux/busybox@1.32.1-3

alpm

archlinux

busybox

1.32.1-3

true

1.32.1-4

1.34.1-1

url VCID-vpmv-afzs-tffj

vulnerability_id VCID-vpmv-afzs-tffj

summary

A vulnerability in BusyBox might allow remote attackers to cause a
    Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_id

reference_type

scores

value	0.01019
scoring_system	epss
scoring_elements	0.77155
published_at	2026-04-01T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77217
published_at	2026-04-13T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77161
published_at	2026-04-02T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77191
published_at	2026-04-04T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77173
published_at	2026-04-07T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77205
published_at	2026-04-08T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77214
published_at	2026-04-09T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77241
published_at	2026-04-11T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.7722
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028
reference_id	1941028
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_id

3UDQGJRECXFS5EZVDH2OI45FMO436AC4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674
reference_id	985674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674

reference_url	https://security.archlinux.org/ASA-202103-11
reference_id	ASA-202103-11
reference_type
scores
url	https://security.archlinux.org/ASA-202103-11

reference_url	https://security.archlinux.org/ASA-202103-12
reference_id	ASA-202103-12
reference_type
scores
url	https://security.archlinux.org/ASA-202103-12

reference_url

reference_id

AVG-1707

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1708

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

GLSA-202105-09

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_url

reference_id

?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

reference_url	https://usn.ubuntu.com/5179-2/
reference_id	USN-5179-2
reference_type
scores
url	https://usn.ubuntu.com/5179-2/

reference_url	https://usn.ubuntu.com/6335-1/
reference_id	USN-6335-1
reference_type
scores
url	https://usn.ubuntu.com/6335-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_id

Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

reference_id

ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.32.1-4
purl	pkg:alpm/archlinux/busybox@1.32.1-4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.32.1-4

aliases CVE-2021-28831

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpmv-afzs-tffj

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.32.1-3

pkg:alpm/archlinux/busybox@1.32.1-4

alpm

archlinux

busybox

1.32.1-4

false

1.34.1-1

url VCID-vpmv-afzs-tffj

vulnerability_id VCID-vpmv-afzs-tffj

summary

A vulnerability in BusyBox might allow remote attackers to cause a
    Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_id

reference_type

scores

value	0.01019
scoring_system	epss
scoring_elements	0.77155
published_at	2026-04-01T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77217
published_at	2026-04-13T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77161
published_at	2026-04-02T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77191
published_at	2026-04-04T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77173
published_at	2026-04-07T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77205
published_at	2026-04-08T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77214
published_at	2026-04-09T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77241
published_at	2026-04-11T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.7722
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028
reference_id	1941028
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_id

3UDQGJRECXFS5EZVDH2OI45FMO436AC4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674
reference_id	985674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674

reference_url	https://security.archlinux.org/ASA-202103-11
reference_id	ASA-202103-11
reference_type
scores
url	https://security.archlinux.org/ASA-202103-11

reference_url	https://security.archlinux.org/ASA-202103-12
reference_id	ASA-202103-12
reference_type
scores
url	https://security.archlinux.org/ASA-202103-12

reference_url

reference_id

AVG-1707

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1708

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

GLSA-202105-09

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_url

reference_id

?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

reference_url	https://usn.ubuntu.com/5179-2/
reference_id	USN-5179-2
reference_type
scores
url	https://usn.ubuntu.com/5179-2/

reference_url	https://usn.ubuntu.com/6335-1/
reference_id	USN-6335-1
reference_type
scores
url	https://usn.ubuntu.com/6335-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_id

Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

reference_id

ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.32.1-4
purl	pkg:alpm/archlinux/busybox@1.32.1-4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.32.1-4

aliases CVE-2021-28831

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpmv-afzs-tffj

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.32.1-4

pkg:alpm/archlinux/busybox@1.33.1-1

alpm

archlinux

busybox

1.33.1-1

true

1.34.1-1

url VCID-4muk-rhx5-yqeu

vulnerability_id VCID-4muk-rhx5-yqeu

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938
reference_id	2023938
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42386

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4muk-rhx5-yqeu

url VCID-4qpt-mxfy-6bh6

vulnerability_id VCID-4qpt-mxfy-6bh6

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936
reference_id	2023936
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42385

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qpt-mxfy-6bh6

url VCID-8r73-bpac-dubc

vulnerability_id VCID-8r73-bpac-dubc

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42377.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42377.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42377

reference_id

reference_type

scores

value	0.02855
scoring_system	epss
scoring_elements	0.86174
published_at	2026-04-01T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86236
published_at	2026-04-13T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86228
published_at	2026-04-09T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86243
published_at	2026-04-11T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.8624
published_at	2026-04-12T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86184
published_at	2026-04-02T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86197
published_at	2026-04-04T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86198
published_at	2026-04-07T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86217
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42377

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023895
reference_id	2023895
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023895

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42375.json

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42377

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8r73-bpac-dubc

url VCID-92nk-cwc9-rkg4

vulnerability_id VCID-92nk-cwc9-rkg4

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42375.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42375

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.19135
published_at	2026-04-01T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19076
published_at	2026-04-13T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19269
published_at	2026-04-02T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.1932
published_at	2026-04-04T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19035
published_at	2026-04-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19115
published_at	2026-04-08T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19168
published_at	2026-04-09T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19175
published_at	2026-04-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19128
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42375

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023888
reference_id	2023888
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023888

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42375

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92nk-cwc9-rkg4

url VCID-9fex-zr2n-w3cb

vulnerability_id VCID-9fex-zr2n-w3cb

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933
reference_id	2023933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42384

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fex-zr2n-w3cb

url VCID-dse8-esmh-3ygm

vulnerability_id VCID-dse8-esmh-3ygm

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.63711
published_at	2026-04-13T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63716
published_at	2026-04-04T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63676
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63728
published_at	2026-04-08T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63745
published_at	2026-04-12T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63759
published_at	2026-04-11T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64309
published_at	2026-04-02T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64251
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912
reference_id	2023912
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42380

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dse8-esmh-3ygm

url VCID-gdfa-8gar-47gd

vulnerability_id VCID-gdfa-8gar-47gd

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904
reference_id	2023904
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42379

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdfa-8gar-47gd

url VCID-jjxj-yf1x-4qg5

vulnerability_id VCID-jjxj-yf1x-4qg5

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900
reference_id	2023900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42378

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjxj-yf1x-4qg5

url VCID-mdmz-hjvu-hke3

vulnerability_id VCID-mdmz-hjvu-hke3

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929
reference_id	2023929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42382

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdmz-hjvu-hke3

url VCID-r12h-q1dj-a7b8

vulnerability_id VCID-r12h-q1dj-a7b8

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927
reference_id	2023927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42381

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r12h-q1dj-a7b8

url VCID-rp81-5jrg-jkht

vulnerability_id VCID-rp81-5jrg-jkht

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42373.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42373.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42373

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.2428
published_at	2026-04-01T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24249
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24331
published_at	2026-04-09T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24349
published_at	2026-04-11T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24306
published_at	2026-04-12T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24407
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24439
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24222
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24288
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42373

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023876
reference_id	2023876
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023876

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42383.json

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42373

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp81-5jrg-jkht

url VCID-svyb-nqje-dbcs

vulnerability_id VCID-svyb-nqje-dbcs

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42383

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52144
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5225
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52188
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52215
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5218
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52233
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52229
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5228
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52264
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42383

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023931
reference_id	2023931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023931

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42383

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svyb-nqje-dbcs

url VCID-tkat-gfks-kqg9

vulnerability_id VCID-tkat-gfks-kqg9

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20042
published_at	2026-04-01T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20022
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20189
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20244
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19969
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20049
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20107
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20126
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.2008
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881
reference_id	2023881
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42374

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkat-gfks-kqg9

url VCID-vjyq-6k64-7fat

vulnerability_id VCID-vjyq-6k64-7fat

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42376.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42376.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42376

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13819
published_at	2026-04-01T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13766
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13893
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13851
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13815
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13902
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13958
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1376
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13843
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42376

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023891
reference_id	2023891
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023891

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42376

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vjyq-6k64-7fat

3.2

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.33.1-1

pkg:alpm/archlinux/busybox@1.34.1-1

alpm

archlinux

busybox

1.34.1-1

false

null

url VCID-4muk-rhx5-yqeu

vulnerability_id VCID-4muk-rhx5-yqeu

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938
reference_id	2023938
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42386

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4muk-rhx5-yqeu

url VCID-4qpt-mxfy-6bh6

vulnerability_id VCID-4qpt-mxfy-6bh6

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936
reference_id	2023936
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42385

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qpt-mxfy-6bh6

url VCID-8r73-bpac-dubc

vulnerability_id VCID-8r73-bpac-dubc

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42377.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42377.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42377

reference_id

reference_type

scores

value	0.02855
scoring_system	epss
scoring_elements	0.86174
published_at	2026-04-01T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86236
published_at	2026-04-13T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86228
published_at	2026-04-09T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86243
published_at	2026-04-11T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.8624
published_at	2026-04-12T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86184
published_at	2026-04-02T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86197
published_at	2026-04-04T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86198
published_at	2026-04-07T12:55:00Z

value	0.02855
scoring_system	epss
scoring_elements	0.86217
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42377

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023895
reference_id	2023895
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023895

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42375.json

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42377

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8r73-bpac-dubc

url VCID-92nk-cwc9-rkg4

vulnerability_id VCID-92nk-cwc9-rkg4

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42375.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42375

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.19135
published_at	2026-04-01T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19076
published_at	2026-04-13T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19269
published_at	2026-04-02T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.1932
published_at	2026-04-04T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19035
published_at	2026-04-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19115
published_at	2026-04-08T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19168
published_at	2026-04-09T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19175
published_at	2026-04-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19128
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42375

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023888
reference_id	2023888
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023888

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42375

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92nk-cwc9-rkg4

url VCID-9fex-zr2n-w3cb

vulnerability_id VCID-9fex-zr2n-w3cb

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933
reference_id	2023933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42384

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fex-zr2n-w3cb

url VCID-dse8-esmh-3ygm

vulnerability_id VCID-dse8-esmh-3ygm

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.63711
published_at	2026-04-13T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63716
published_at	2026-04-04T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63676
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63728
published_at	2026-04-08T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63745
published_at	2026-04-12T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63759
published_at	2026-04-11T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64309
published_at	2026-04-02T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64251
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912
reference_id	2023912
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42380

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dse8-esmh-3ygm

url VCID-gdfa-8gar-47gd

vulnerability_id VCID-gdfa-8gar-47gd

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904
reference_id	2023904
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42379

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdfa-8gar-47gd

url VCID-jjxj-yf1x-4qg5

vulnerability_id VCID-jjxj-yf1x-4qg5

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900
reference_id	2023900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42378

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjxj-yf1x-4qg5

url VCID-mdmz-hjvu-hke3

vulnerability_id VCID-mdmz-hjvu-hke3

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929
reference_id	2023929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42382

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdmz-hjvu-hke3

url VCID-r12h-q1dj-a7b8

vulnerability_id VCID-r12h-q1dj-a7b8

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927
reference_id	2023927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42381

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r12h-q1dj-a7b8

url VCID-rp81-5jrg-jkht

vulnerability_id VCID-rp81-5jrg-jkht

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42373.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42373.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42373

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.2428
published_at	2026-04-01T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24249
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24331
published_at	2026-04-09T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24349
published_at	2026-04-11T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24306
published_at	2026-04-12T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24407
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24439
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24222
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24288
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42373

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023876
reference_id	2023876
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023876

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42383.json

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42373

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp81-5jrg-jkht

url VCID-svyb-nqje-dbcs

vulnerability_id VCID-svyb-nqje-dbcs

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42383

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52144
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5225
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52188
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52215
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5218
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52233
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52229
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.5228
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52264
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42383

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023931
reference_id	2023931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023931

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42383

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svyb-nqje-dbcs

url VCID-tkat-gfks-kqg9

vulnerability_id VCID-tkat-gfks-kqg9

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20042
published_at	2026-04-01T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20022
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20189
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20244
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19969
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20049
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20107
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20126
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.2008
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881
reference_id	2023881
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

reference_id

ntap-20211223-0002

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42374

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkat-gfks-kqg9

url VCID-vjyq-6k64-7fat

vulnerability_id VCID-vjyq-6k64-7fat

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42376.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42376.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42376

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13819
published_at	2026-04-01T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13766
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13893
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13851
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13815
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13902
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13958
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1376
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13843
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42376

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023891
reference_id	2023891
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023891

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46394

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

fixed_packages

url	pkg:alpm/archlinux/busybox@1.34.1-1
purl	pkg:alpm/archlinux/busybox@1.34.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

aliases CVE-2021-42376

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vjyq-6k64-7fat

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.34.1-1

pkg:alpm/archlinux/busybox@1.36.1-2

alpm

archlinux

busybox

1.36.1-2

true

null

url

VCID-jjqh-pw7r-buau

vulnerability_id

VCID-jjqh-pw7r-buau

summary

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

references

reference_url

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.24224
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24333
published_at	2026-04-09T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24442
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2429
published_at	2026-04-08T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24409
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24251
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24308
published_at	2026-04-12T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24351
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46394

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46394
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46394

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104008
reference_id	1104008
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104008

reference_url

https://security.archlinux.org/AVG-2880

reference_id

AVG-2880

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2880

reference_url

https://www.busybox.net/downloads/

reference_id

downloads

reference_type

scores

value	3.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:43:05Z/

url

https://www.busybox.net/downloads/

reference_url

https://bugs.busybox.net/show_bug.cgi?id=16018

reference_id

show_bug.cgi?id=16018

reference_type

scores

value	3.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:43:05Z/

url

https://bugs.busybox.net/show_bug.cgi?id=16018

reference_url

https://www.busybox.net

reference_id

www.busybox.net

reference_type

scores

value	3.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:43:05Z/

url

https://www.busybox.net

fixed_packages

aliases

CVE-2025-46394

risk_score

1.6

exploitability

0.5

weighted_severity

3.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-jjqh-pw7r-buau

1.6

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/busybox@1.36.1-2

pkg:alpm/archlinux/bzip2@1.0.6-5

alpm

archlinux

bzip2

1.0.6-5

true

1.0.6-6

url VCID-rgbz-6485-tfan

vulnerability_id VCID-rgbz-6485-tfan

summary

An use-after-free vulnerability has been found in bzip2 that could
    allow remote attackers to cause a Denial of Service condition.

references

reference_url

http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html

reference_url

http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3189

reference_id

reference_type

scores

value	0.23714
scoring_system	epss
scoring_elements	0.95993
published_at	2026-04-09T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95991
published_at	2026-04-08T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95977
published_at	2026-04-04T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95971
published_at	2026-04-02T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95982
published_at	2026-04-07T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95963
published_at	2026-04-01T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95999
published_at	2026-04-13T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95996
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

http://www.openwall.com/lists/oss-security/2016/06/20/1

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://www.openwall.com/lists/oss-security/2016/06/20/1

reference_url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1319648

reference_url

reference_id

1319648

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1319648

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744
reference_id	827744
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744

reference_url	https://security.archlinux.org/ASA-201702-19
reference_id	ASA-201702-19
reference_type
scores
url	https://security.archlinux.org/ASA-201702-19

reference_url

reference_id

AVG-4

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:::::::*
reference_id	cpe:2.3:a:bzip:bzip2:1.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

reference_id

CVE-2016-3189

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

reference_url

reference_id

GLSA-201708-08

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

USN-4038-1

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

USN-4038-2

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html

fixed_packages

url	pkg:alpm/archlinux/bzip2@1.0.6-6
purl	pkg:alpm/archlinux/bzip2@1.0.6-6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bzip2@1.0.6-6

aliases CVE-2016-3189

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgbz-6485-tfan

3.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bzip2@1.0.6-5

pkg:alpm/archlinux/bzip2@1.0.6-6

alpm

archlinux

bzip2

1.0.6-6

false

null

url VCID-rgbz-6485-tfan

vulnerability_id VCID-rgbz-6485-tfan

summary

An use-after-free vulnerability has been found in bzip2 that could
    allow remote attackers to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html

reference_url

http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3189

reference_id

reference_type

scores

value	0.23714
scoring_system	epss
scoring_elements	0.95993
published_at	2026-04-09T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95991
published_at	2026-04-08T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95977
published_at	2026-04-04T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95971
published_at	2026-04-02T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95982
published_at	2026-04-07T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95963
published_at	2026-04-01T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95999
published_at	2026-04-13T12:55:00Z

value	0.23714
scoring_system	epss
scoring_elements	0.95996
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

http://www.openwall.com/lists/oss-security/2016/06/20/1

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://www.openwall.com/lists/oss-security/2016/06/20/1

reference_url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1319648

reference_url

reference_id

1319648

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1319648

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744
reference_id	827744
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744

reference_url	https://security.archlinux.org/ASA-201702-19
reference_id	ASA-201702-19
reference_type
scores
url	https://security.archlinux.org/ASA-201702-19

reference_url

reference_id

AVG-4

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:::::::*
reference_id	cpe:2.3:a:bzip:bzip2:1.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

reference_id

CVE-2016-3189

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

reference_url

reference_id

GLSA-201708-08

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

USN-4038-1

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

reference_url

reference_id

USN-4038-2

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

fixed_packages

url	pkg:alpm/archlinux/bzip2@1.0.6-6
purl	pkg:alpm/archlinux/bzip2@1.0.6-6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bzip2@1.0.6-6

aliases CVE-2016-3189

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgbz-6485-tfan

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/bzip2@1.0.6-6

pkg:alpm/archlinux/cacti@1.1.13-1

alpm

archlinux

cacti

1.1.13-1

true

1.1.14-1

1.2.16-2

url VCID-afss-mcgj-7bce

vulnerability_id VCID-afss-mcgj-7bce

summary Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

references

reference_url

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66228
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66154
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66195
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66222
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66191
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-08T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66252
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66272
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66259
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848
reference_id	869848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848

reference_url	https://security.archlinux.org/ASA-201707-30
reference_id	ASA-201707-30
reference_type
scores
url	https://security.archlinux.org/ASA-201707-30

reference_url

reference_id

AVG-365

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.14-1
purl	pkg:alpm/archlinux/cacti@1.1.14-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.14-1

aliases CVE-2017-11691

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afss-mcgj-7bce

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.13-1

pkg:alpm/archlinux/cacti@1.1.14-1

alpm

archlinux

cacti

1.1.14-1

false

1.1.28-1

1.2.16-2

url VCID-afss-mcgj-7bce

vulnerability_id VCID-afss-mcgj-7bce

summary Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

references

reference_url

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66228
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66154
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66195
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66222
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66191
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-08T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66252
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66272
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66259
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848
reference_id	869848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848

reference_url	https://security.archlinux.org/ASA-201707-30
reference_id	ASA-201707-30
reference_type
scores
url	https://security.archlinux.org/ASA-201707-30

reference_url

reference_id

AVG-365

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.14-1
purl	pkg:alpm/archlinux/cacti@1.1.14-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.14-1

aliases CVE-2017-11691

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afss-mcgj-7bce

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.14-1

pkg:alpm/archlinux/cacti@1.1.17-1

alpm

archlinux

cacti

1.1.17-1

true

1.1.28-1

1.2.16-2

url VCID-q88b-smmh-77ga

vulnerability_id VCID-q88b-smmh-77ga

summary Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.

references

reference_url

reference_id

reference_type

scores

value	0.01457
scoring_system	epss
scoring_elements	0.80764
published_at	2026-04-01T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80772
published_at	2026-04-02T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80793
published_at	2026-04-04T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.8079
published_at	2026-04-07T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80817
published_at	2026-04-08T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80826
published_at	2026-04-09T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85723
published_at	2026-04-11T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-12T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85716
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16660

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16660

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q88b-smmh-77ga

url VCID-qbvv-frc2-rqbk

vulnerability_id VCID-qbvv-frc2-rqbk

summary lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

references

reference_url

reference_id

reference_type

scores

value	0.00465
scoring_system	epss
scoring_elements	0.64294
published_at	2026-04-01T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64351
published_at	2026-04-02T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.6438
published_at	2026-04-04T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64339
published_at	2026-04-07T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64387
published_at	2026-04-08T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64402
published_at	2026-04-09T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79432
published_at	2026-04-11T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79415
published_at	2026-04-12T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79404
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641

reference_url	https://github.com/Cacti/cacti/issues/1057
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1057

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110
reference_id	881110
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16641

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16641

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbvv-frc2-rqbk

url VCID-x1fg-6mq4-d7ds

vulnerability_id VCID-x1fg-6mq4-d7ds

summary Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.

references

reference_url

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29806
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29711
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29761
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39665
published_at	2026-04-01T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39812
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39827
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39757
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39814
published_at	2026-04-02T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39837
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16661

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16661

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1fg-6mq4-d7ds

url VCID-yjny-ubdp-7few

vulnerability_id VCID-yjny-ubdp-7few

summary Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.

references

reference_url

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.40045
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39988
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40008
published_at	2026-04-12T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41485
published_at	2026-04-01T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4158
published_at	2026-04-08T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41589
published_at	2026-04-09T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4153
published_at	2026-04-07T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41574
published_at	2026-04-02T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41603
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785

reference_url	https://github.com/Cacti/cacti/issues/1071
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1071

reference_url	http://www.securitytracker.com/id/1039774
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039774

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16785

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16785

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjny-ubdp-7few

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.17-1

pkg:alpm/archlinux/cacti@1.1.28-1

alpm

archlinux

cacti

1.1.28-1

false

1.2.16-2

url VCID-q88b-smmh-77ga

vulnerability_id VCID-q88b-smmh-77ga

references

reference_url

reference_id

reference_type

scores

value	0.01457
scoring_system	epss
scoring_elements	0.80764
published_at	2026-04-01T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80772
published_at	2026-04-02T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80793
published_at	2026-04-04T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.8079
published_at	2026-04-07T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80817
published_at	2026-04-08T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80826
published_at	2026-04-09T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85723
published_at	2026-04-11T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-12T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85716
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16660

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16660

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q88b-smmh-77ga

url VCID-qbvv-frc2-rqbk

vulnerability_id VCID-qbvv-frc2-rqbk

summary lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

references

reference_url

reference_id

reference_type

scores

value	0.00465
scoring_system	epss
scoring_elements	0.64294
published_at	2026-04-01T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64351
published_at	2026-04-02T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.6438
published_at	2026-04-04T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64339
published_at	2026-04-07T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64387
published_at	2026-04-08T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64402
published_at	2026-04-09T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79432
published_at	2026-04-11T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79415
published_at	2026-04-12T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79404
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641

reference_url	https://github.com/Cacti/cacti/issues/1057
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1057

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110
reference_id	881110
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16641

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16641

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbvv-frc2-rqbk

url VCID-x1fg-6mq4-d7ds

vulnerability_id VCID-x1fg-6mq4-d7ds

references

reference_url

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29806
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29711
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29761
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39665
published_at	2026-04-01T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39812
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39827
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39757
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39814
published_at	2026-04-02T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39837
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16661

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16661

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1fg-6mq4-d7ds

url VCID-yjny-ubdp-7few

vulnerability_id VCID-yjny-ubdp-7few

summary Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.

references

reference_url

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.40045
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39988
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40008
published_at	2026-04-12T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41485
published_at	2026-04-01T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4158
published_at	2026-04-08T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41589
published_at	2026-04-09T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4153
published_at	2026-04-07T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41574
published_at	2026-04-02T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41603
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785

reference_url	https://github.com/Cacti/cacti/issues/1071
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1071

reference_url	http://www.securitytracker.com/id/1039774
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039774

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16785

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

fixed_packages

url	pkg:alpm/archlinux/cacti@1.1.28-1
purl	pkg:alpm/archlinux/cacti@1.1.28-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

aliases CVE-2017-16785

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjny-ubdp-7few

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.1.28-1

pkg:alpm/archlinux/cacti@1.2.16-1

alpm

archlinux

cacti

1.2.16-1

true

1.2.16-2

url VCID-qvkt-vk55-4bbx

vulnerability_id VCID-qvkt-vk55-4bbx

summary A vulnerability in Cacti could lead to remote code execution.

references

reference_url

reference_id

reference_type

scores

value	0.01839
scoring_system	epss
scoring_elements	0.82949
published_at	2026-04-13T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82885
published_at	2026-04-01T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82901
published_at	2026-04-02T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82914
published_at	2026-04-04T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.8291
published_at	2026-04-07T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82936
published_at	2026-04-08T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82943
published_at	2026-04-09T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82958
published_at	2026-04-11T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82953
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998
reference_id	979998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998

reference_url

reference_id

AVG-1433

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

reference_url	https://security.gentoo.org/glsa/202101-31
reference_id	GLSA-202101-31
reference_type
scores
url	https://security.gentoo.org/glsa/202101-31

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url	pkg:alpm/archlinux/cacti@1.2.16-2
purl	pkg:alpm/archlinux/cacti@1.2.16-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.2.16-2

aliases CVE-2020-35701

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvkt-vk55-4bbx

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.2.16-1

pkg:alpm/archlinux/cacti@1.2.16-2

alpm

archlinux

cacti

1.2.16-2

false

null

url VCID-qvkt-vk55-4bbx

vulnerability_id VCID-qvkt-vk55-4bbx

summary A vulnerability in Cacti could lead to remote code execution.

references

reference_url

reference_id

reference_type

scores

value	0.01839
scoring_system	epss
scoring_elements	0.82949
published_at	2026-04-13T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82885
published_at	2026-04-01T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82901
published_at	2026-04-02T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82914
published_at	2026-04-04T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.8291
published_at	2026-04-07T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82936
published_at	2026-04-08T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82943
published_at	2026-04-09T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82958
published_at	2026-04-11T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82953
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998
reference_id	979998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998

reference_url

reference_id

AVG-1433

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7475.json

reference_url	https://security.gentoo.org/glsa/202101-31
reference_id	GLSA-202101-31
reference_type
scores
url	https://security.gentoo.org/glsa/202101-31

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url	pkg:alpm/archlinux/cacti@1.2.16-2
purl	pkg:alpm/archlinux/cacti@1.2.16-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.2.16-2

aliases CVE-2020-35701

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvkt-vk55-4bbx

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cacti@1.2.16-2

pkg:alpm/archlinux/cairo@1.14.10-1

alpm

archlinux

cairo

1.14.10-1

true

1.15.8-1

1.17.4-5

url VCID-m37e-xj39-eqfu

vulnerability_id VCID-m37e-xj39-eqfu

summary

NULL Pointer Dereference
Cairo is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7475

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51551
published_at	2026-04-13T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5145
published_at	2026-04-01T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51501
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51528
published_at	2026-04-04T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51489
published_at	2026-04-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51542
published_at	2026-04-08T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51539
published_at	2026-04-09T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51584
published_at	2026-04-11T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51563
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7475

reference_url

https://bugs.freedesktop.org/show_bug.cgi?id=100763

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.freedesktop.org/show_bug.cgi?id=100763

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cairo/CVE-2017-7475.yml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cairo/CVE-2017-7475.yml

reference_url

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1447949
reference_id	1447949
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1447949

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870264
reference_id	870264
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870264

reference_url

reference_id

AVG-277

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

CVE-2017-7475

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

GHSA-5v3f-73gv-x7x5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7475.json

fixed_packages

url	pkg:alpm/archlinux/cairo@1.15.8-1
purl	pkg:alpm/archlinux/cairo@1.15.8-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.15.8-1

aliases CVE-2017-7475, GHSA-5v3f-73gv-x7x5

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m37e-xj39-eqfu

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.14.10-1

pkg:alpm/archlinux/cairo@1.15.8-1

alpm

archlinux

cairo

1.15.8-1

false

1.16.0-2

1.17.4-5

url VCID-m37e-xj39-eqfu

vulnerability_id VCID-m37e-xj39-eqfu

summary

NULL Pointer Dereference
Cairo is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7475.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7475

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51551
published_at	2026-04-13T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5145
published_at	2026-04-01T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51501
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51528
published_at	2026-04-04T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51489
published_at	2026-04-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51542
published_at	2026-04-08T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51539
published_at	2026-04-09T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51584
published_at	2026-04-11T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51563
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7475

reference_url

https://bugs.freedesktop.org/show_bug.cgi?id=100763

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.freedesktop.org/show_bug.cgi?id=100763

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cairo/CVE-2017-7475.yml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cairo/CVE-2017-7475.yml

reference_url

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1447949
reference_id	1447949
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1447949

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870264
reference_id	870264
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870264

reference_url

reference_id

AVG-277

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

CVE-2017-7475

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

GHSA-5v3f-73gv-x7x5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19876.json

fixed_packages

url	pkg:alpm/archlinux/cairo@1.15.8-1
purl	pkg:alpm/archlinux/cairo@1.15.8-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.15.8-1

aliases CVE-2017-7475, GHSA-5v3f-73gv-x7x5

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m37e-xj39-eqfu

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.15.8-1

pkg:alpm/archlinux/cairo@1.16.0-1

alpm

archlinux

cairo

1.16.0-1

true

1.16.0-2

1.17.4-5

url VCID-8bnq-c161-2yaq

vulnerability_id VCID-8bnq-c161-2yaq

summary cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19876.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19876

reference_id

reference_type

scores

value	0.00303
scoring_system	epss
scoring_elements	0.53506
published_at	2026-04-01T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53585
published_at	2026-04-13T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.5362
published_at	2026-04-11T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53602
published_at	2026-04-12T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53529
published_at	2026-04-02T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53555
published_at	2026-04-04T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53524
published_at	2026-04-07T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53574
published_at	2026-04-08T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.5357
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661454
reference_id	1661454
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661454

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915801
reference_id	915801
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915801

reference_url	https://security.archlinux.org/ASA-201902-19
reference_id	ASA-201902-19
reference_type
scores
url	https://security.archlinux.org/ASA-201902-19

reference_url

reference_id

AVG-826

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-827

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19876.json

fixed_packages

url	pkg:alpm/archlinux/cairo@1.16.0-2
purl	pkg:alpm/archlinux/cairo@1.16.0-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.16.0-2

aliases CVE-2018-19876

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8bnq-c161-2yaq

4.5

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.16.0-1

pkg:alpm/archlinux/cairo@1.16.0-2

alpm

archlinux

cairo

1.16.0-2

false

1.17.4-5

url VCID-8bnq-c161-2yaq

vulnerability_id VCID-8bnq-c161-2yaq

summary cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19876.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19876

reference_id

reference_type

scores

value	0.00303
scoring_system	epss
scoring_elements	0.53506
published_at	2026-04-01T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53585
published_at	2026-04-13T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.5362
published_at	2026-04-11T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53602
published_at	2026-04-12T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53529
published_at	2026-04-02T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53555
published_at	2026-04-04T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53524
published_at	2026-04-07T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.53574
published_at	2026-04-08T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.5357
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1661454
reference_id	1661454
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1661454

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915801
reference_id	915801
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915801

reference_url	https://security.archlinux.org/ASA-201902-19
reference_id	ASA-201902-19
reference_type
scores
url	https://security.archlinux.org/ASA-201902-19

reference_url

reference_id

AVG-826

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-827

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

fixed_packages

url	pkg:alpm/archlinux/cairo@1.16.0-2
purl	pkg:alpm/archlinux/cairo@1.16.0-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.16.0-2

aliases CVE-2018-19876

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8bnq-c161-2yaq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.16.0-2

pkg:alpm/archlinux/cairo@1.17.4-4

alpm

archlinux

cairo

1.17.4-4

true

1.17.4-5

url VCID-rzf2-bp8j-27fq

vulnerability_id VCID-rzf2-bp8j-27fq

summary A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26976
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2686
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26957
published_at	2026-04-09T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26961
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26917
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27016
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27053
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26843
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26911
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396
reference_id	1898396
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658
reference_id	978658
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658

reference_url

reference_id

AVG-1391

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1392

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492
reference_id	CVE-2020-35492
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492

reference_url	https://security.gentoo.org/glsa/202305-21
reference_id	GLSA-202305-21
reference_type
scores
url	https://security.gentoo.org/glsa/202305-21

reference_url	https://access.redhat.com/errata/RHSA-2022:1961
reference_id	RHSA-2022:1961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1961

reference_url	https://usn.ubuntu.com/5407-1/
reference_id	USN-5407-1
reference_type
scores
url	https://usn.ubuntu.com/5407-1/

reference_url	https://usn.ubuntu.com/8140-1/
reference_id	USN-8140-1
reference_type
scores
url	https://usn.ubuntu.com/8140-1/

fixed_packages

url	pkg:alpm/archlinux/cairo@1.17.4-5
purl	pkg:alpm/archlinux/cairo@1.17.4-5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.17.4-5

aliases CVE-2020-35492

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzf2-bp8j-27fq

3.5

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.17.4-4

pkg:alpm/archlinux/cairo@1.17.4-5

alpm

archlinux

cairo

1.17.4-5

false

null

url VCID-rzf2-bp8j-27fq

vulnerability_id VCID-rzf2-bp8j-27fq

summary A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service.

references

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26976
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2686
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26957
published_at	2026-04-09T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26961
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26917
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27016
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27053
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26843
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26911
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396
reference_id	1898396
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898396

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658
reference_id	978658
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978658

reference_url

reference_id

AVG-1391

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1392

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7889

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492
reference_id	CVE-2020-35492
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-35492

reference_url	https://security.gentoo.org/glsa/202305-21
reference_id	GLSA-202305-21
reference_type
scores
url	https://security.gentoo.org/glsa/202305-21

reference_url	https://access.redhat.com/errata/RHSA-2022:1961
reference_id	RHSA-2022:1961
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1961

reference_url	https://usn.ubuntu.com/5407-1/
reference_id	USN-5407-1
reference_type
scores
url	https://usn.ubuntu.com/5407-1/

reference_url	https://usn.ubuntu.com/8140-1/
reference_id	USN-8140-1
reference_type
scores
url	https://usn.ubuntu.com/8140-1/

fixed_packages

url	pkg:alpm/archlinux/cairo@1.17.4-5
purl	pkg:alpm/archlinux/cairo@1.17.4-5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.17.4-5

aliases CVE-2020-35492

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rzf2-bp8j-27fq

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cairo@1.17.4-5

pkg:alpm/archlinux/calibre@3.18.0-1

alpm

archlinux

calibre

3.18.0-1

true

3.19.0-1

url VCID-xhf1-k7jg-6ued

vulnerability_id VCID-xhf1-k7jg-6ued

summary gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

references

reference_url

reference_id

reference_type

scores

value	0.10883
scoring_system	epss
scoring_elements	0.93385
published_at	2026-04-12T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93354
published_at	2026-04-01T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93362
published_at	2026-04-02T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.9337
published_at	2026-04-07T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93377
published_at	2026-04-08T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93381
published_at	2026-04-09T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93386
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7889

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7889
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7889

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892242
reference_id	892242
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892242

reference_url	https://security.archlinux.org/ASA-201803-8
reference_id	ASA-201803-8
reference_type
scores
url	https://security.archlinux.org/ASA-201803-8

reference_url

reference_id

AVG-650

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7889

fixed_packages

url	pkg:alpm/archlinux/calibre@3.19.0-1
purl	pkg:alpm/archlinux/calibre@3.19.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/calibre@3.19.0-1

aliases CVE-2018-7889

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhf1-k7jg-6ued

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/calibre@3.18.0-1

pkg:alpm/archlinux/calibre@3.19.0-1

alpm

archlinux

calibre

3.19.0-1

false

null

url VCID-xhf1-k7jg-6ued

vulnerability_id VCID-xhf1-k7jg-6ued

references

reference_url

reference_id

reference_type

scores

value	0.10883
scoring_system	epss
scoring_elements	0.93385
published_at	2026-04-12T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93354
published_at	2026-04-01T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93362
published_at	2026-04-02T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.9337
published_at	2026-04-07T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93377
published_at	2026-04-08T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93381
published_at	2026-04-09T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93386
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7889

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7889
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7889

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892242
reference_id	892242
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892242

reference_url	https://security.archlinux.org/ASA-201803-8
reference_id	ASA-201803-8
reference_type
scores
url	https://security.archlinux.org/ASA-201803-8

reference_url

reference_id

AVG-650

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5180.json

fixed_packages

url	pkg:alpm/archlinux/calibre@3.19.0-1
purl	pkg:alpm/archlinux/calibre@3.19.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/calibre@3.19.0-1

aliases CVE-2018-7889

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhf1-k7jg-6ued

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/calibre@3.19.0-1

pkg:alpm/archlinux/c-ares@1.11.0-1

alpm

archlinux

c-ares

1.11.0-1

true

1.13.0-1

1.17.2-1

url VCID-33wk-w9ez-vyd2

vulnerability_id VCID-33wk-w9ez-vyd2

summary

A heap-based buffer overflow in c-ares might allow remote attackers
    to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5180

reference_id

reference_type

scores

value	0.18165
scoring_system	epss
scoring_elements	0.95153
published_at	2026-04-01T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.9519
published_at	2026-04-13T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95186
published_at	2026-04-11T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95187
published_at	2026-04-12T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95164
published_at	2026-04-02T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95166
published_at	2026-04-04T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95169
published_at	2026-04-07T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95176
published_at	2026-04-08T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.9518
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5180

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1380463
reference_id	1380463
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1380463

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839151
reference_id	839151
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839151

reference_url	https://security.archlinux.org/ASA-201609-31
reference_id	ASA-201609-31
reference_type
scores
url	https://security.archlinux.org/ASA-201609-31

reference_url

reference_id

AVG-37

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000381.json

reference_url	https://security.gentoo.org/glsa/201701-28
reference_id	GLSA-201701-28
reference_type
scores
url	https://security.gentoo.org/glsa/201701-28

reference_url	https://access.redhat.com/errata/RHSA-2017:0002
reference_id	RHSA-2017:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0002

reference_url	https://usn.ubuntu.com/3143-1/
reference_id	USN-3143-1
reference_type
scores
url	https://usn.ubuntu.com/3143-1/

fixed_packages

url pkg:alpm/archlinux/c-ares@1.12.0-1

purl pkg:alpm/archlinux/c-ares@1.12.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w3cx-2jcp-pyga

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.12.0-1

aliases CVE-2016-5180

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33wk-w9ez-vyd2

4.0

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.11.0-1

pkg:alpm/archlinux/c-ares@1.12.0-1

alpm

archlinux

c-ares

1.12.0-1

true

1.13.0-1

1.17.2-1

url VCID-w3cx-2jcp-pyga

vulnerability_id VCID-w3cx-2jcp-pyga

summary c-ares: NAPTR parser out of bounds access

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000381

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66165
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66263
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66284
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66271
published_at	2026-04-12T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66206
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66233
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66203
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.6625
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1463132
reference_id	1463132
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1463132

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865360
reference_id	865360
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865360

reference_url	https://security.archlinux.org/ASA-201707-21
reference_id	ASA-201707-21
reference_type
scores
url	https://security.archlinux.org/ASA-201707-21

reference_url

reference_id

AVG-315

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5180.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2908
reference_id	RHSA-2017:2908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2908

reference_url	https://usn.ubuntu.com/3395-1/
reference_id	USN-3395-1
reference_type
scores
url	https://usn.ubuntu.com/3395-1/

reference_url	https://usn.ubuntu.com/USN-4796-1/
reference_id	USN-USN-4796-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4796-1/

fixed_packages

url	pkg:alpm/archlinux/c-ares@1.13.0-1
purl	pkg:alpm/archlinux/c-ares@1.13.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.13.0-1

aliases CVE-2017-1000381

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3cx-2jcp-pyga

url VCID-33wk-w9ez-vyd2

vulnerability_id VCID-33wk-w9ez-vyd2

summary

A heap-based buffer overflow in c-ares might allow remote attackers
    to cause a Denial of Service condition.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5180

reference_id

reference_type

scores

value	0.18165
scoring_system	epss
scoring_elements	0.95153
published_at	2026-04-01T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.9519
published_at	2026-04-13T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95186
published_at	2026-04-11T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95187
published_at	2026-04-12T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95164
published_at	2026-04-02T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95166
published_at	2026-04-04T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95169
published_at	2026-04-07T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.95176
published_at	2026-04-08T12:55:00Z

value	0.18165
scoring_system	epss
scoring_elements	0.9518
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5180

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1380463
reference_id	1380463
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1380463

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839151
reference_id	839151
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839151

reference_url	https://security.archlinux.org/ASA-201609-31
reference_id	ASA-201609-31
reference_type
scores
url	https://security.archlinux.org/ASA-201609-31

reference_url

reference_id

AVG-37

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000381.json

reference_url	https://security.gentoo.org/glsa/201701-28
reference_id	GLSA-201701-28
reference_type
scores
url	https://security.gentoo.org/glsa/201701-28

reference_url	https://access.redhat.com/errata/RHSA-2017:0002
reference_id	RHSA-2017:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0002

reference_url	https://usn.ubuntu.com/3143-1/
reference_id	USN-3143-1
reference_type
scores
url	https://usn.ubuntu.com/3143-1/

fixed_packages

url pkg:alpm/archlinux/c-ares@1.12.0-1

purl pkg:alpm/archlinux/c-ares@1.12.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-w3cx-2jcp-pyga

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.12.0-1

aliases CVE-2016-5180

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33wk-w9ez-vyd2

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.12.0-1

pkg:alpm/archlinux/c-ares@1.13.0-1

alpm

archlinux

c-ares

1.13.0-1

false

1.17.2-1

url VCID-w3cx-2jcp-pyga

vulnerability_id VCID-w3cx-2jcp-pyga

summary c-ares: NAPTR parser out of bounds access

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000381

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66165
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66263
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66284
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66271
published_at	2026-04-12T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66206
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66233
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66203
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.6625
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1463132
reference_id	1463132
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1463132

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865360
reference_id	865360
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865360

reference_url	https://security.archlinux.org/ASA-201707-21
reference_id	ASA-201707-21
reference_type
scores
url	https://security.archlinux.org/ASA-201707-21

reference_url

reference_id

AVG-315

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2908
reference_id	RHSA-2017:2908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2908

reference_url	https://usn.ubuntu.com/3395-1/
reference_id	USN-3395-1
reference_type
scores
url	https://usn.ubuntu.com/3395-1/

reference_url	https://usn.ubuntu.com/USN-4796-1/
reference_id	USN-USN-4796-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4796-1/

fixed_packages

url	pkg:alpm/archlinux/c-ares@1.13.0-1
purl	pkg:alpm/archlinux/c-ares@1.13.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.13.0-1

aliases CVE-2017-1000381

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w3cx-2jcp-pyga

null

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.13.0-1

pkg:alpm/archlinux/c-ares@1.16.1-2

alpm

archlinux

c-ares

1.16.1-2

true

1.17.2-1

url VCID-m4sn-7wuq-e3cd

vulnerability_id VCID-m4sn-7wuq-e3cd

summary A Denial of Service vulnerability was discovered in c-ares.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_id

reference_type

scores

value	0.59168
scoring_system	epss
scoring_elements	0.98219
published_at	2026-04-01T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98233
published_at	2026-04-13T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98226
published_at	2026-04-07T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.9823
published_at	2026-04-09T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98222
published_at	2026-04-02T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98225
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/

reference_url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/
reference_id
reference_type
scores
url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554
reference_id	1898554
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554

reference_url	https://security.archlinux.org/ASA-202011-18
reference_id	ASA-202011-18
reference_type
scores
url	https://security.archlinux.org/ASA-202011-18

reference_url

reference_id

AVG-1280

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277
reference_id	CVE-2020-8277
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277

reference_url	https://security.gentoo.org/glsa/202012-11
reference_id	GLSA-202012-11
reference_type
scores
url	https://security.gentoo.org/glsa/202012-11

reference_url	https://access.redhat.com/errata/RHSA-2020:5305
reference_id	RHSA-2020:5305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5305

reference_url	https://access.redhat.com/errata/RHSA-2020:5499
reference_id	RHSA-2020:5499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5499

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://usn.ubuntu.com/4638-1/
reference_id	USN-4638-1
reference_type
scores
url	https://usn.ubuntu.com/4638-1/

fixed_packages

url pkg:alpm/archlinux/c-ares@1.17.1-1

purl pkg:alpm/archlinux/c-ares@1.17.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xdz-dku3-qqc4

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.17.1-1

aliases CVE-2020-8277

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4sn-7wuq-e3cd

3.4

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.16.1-2

pkg:alpm/archlinux/c-ares@1.17.1-1

alpm

archlinux

c-ares

1.17.1-1

true

1.17.2-1

url VCID-1xdz-dku3-qqc4

vulnerability_id VCID-1xdz-dku3-qqc4

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

references

reference_url

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3672

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17144
published_at	2026-04-01T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17157
published_at	2026-04-13T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1731
published_at	2026-04-02T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17358
published_at	2026-04-04T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17138
published_at	2026-04-07T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17229
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17287
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17265
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17216
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3672

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1988342

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1988342

reference_url

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053
reference_id	992053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053

reference_url	https://security.archlinux.org/ASA-202108-13
reference_id	ASA-202108-13
reference_type
scores
url	https://security.archlinux.org/ASA-202108-13

reference_url

reference_id

AVG-2268

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3672
reference_id	CVE-2021-3672
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3672

reference_url

reference_id

GLSA-202401-02

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_url	https://security.gentoo.org/glsa/202405-29
reference_id	GLSA-202405-29
reference_type
scores
url	https://security.gentoo.org/glsa/202405-29

reference_url	https://access.redhat.com/errata/RHSA-2021:3280
reference_id	RHSA-2021:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3280

reference_url	https://access.redhat.com/errata/RHSA-2021:3281
reference_id	RHSA-2021:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3281

reference_url	https://access.redhat.com/errata/RHSA-2021:3623
reference_id	RHSA-2021:3623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3623

reference_url	https://access.redhat.com/errata/RHSA-2021:3638
reference_id	RHSA-2021:3638
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3638

reference_url	https://access.redhat.com/errata/RHSA-2021:3639
reference_id	RHSA-2021:3639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3639

reference_url	https://access.redhat.com/errata/RHSA-2021:3666
reference_id	RHSA-2021:3666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3666

reference_url	https://access.redhat.com/errata/RHSA-2022:2043
reference_id	RHSA-2022:2043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2043

reference_url	https://usn.ubuntu.com/5034-1/
reference_id	USN-5034-1
reference_type
scores
url	https://usn.ubuntu.com/5034-1/

reference_url	https://usn.ubuntu.com/5034-2/
reference_id	USN-5034-2
reference_type
scores
url	https://usn.ubuntu.com/5034-2/

fixed_packages

url	pkg:alpm/archlinux/c-ares@1.17.2-1
purl	pkg:alpm/archlinux/c-ares@1.17.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.17.2-1

aliases CVE-2021-3672

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xdz-dku3-qqc4

url VCID-m4sn-7wuq-e3cd

vulnerability_id VCID-m4sn-7wuq-e3cd

summary A Denial of Service vulnerability was discovered in c-ares.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8277.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_id

reference_type

scores

value	0.59168
scoring_system	epss
scoring_elements	0.98219
published_at	2026-04-01T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98233
published_at	2026-04-13T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98226
published_at	2026-04-07T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.9823
published_at	2026-04-09T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98222
published_at	2026-04-02T12:55:00Z

value	0.59168
scoring_system	epss
scoring_elements	0.98225
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8277

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8277

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/

reference_url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/
reference_id
reference_type
scores
url	https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554
reference_id	1898554
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1898554

reference_url	https://security.archlinux.org/ASA-202011-18
reference_id	ASA-202011-18
reference_type
scores
url	https://security.archlinux.org/ASA-202011-18

reference_url

reference_id

AVG-1280

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277
reference_id	CVE-2020-8277
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8277

reference_url	https://security.gentoo.org/glsa/202012-11
reference_id	GLSA-202012-11
reference_type
scores
url	https://security.gentoo.org/glsa/202012-11

reference_url	https://access.redhat.com/errata/RHSA-2020:5305
reference_id	RHSA-2020:5305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5305

reference_url	https://access.redhat.com/errata/RHSA-2020:5499
reference_id	RHSA-2020:5499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5499

reference_url	https://access.redhat.com/errata/RHSA-2021:0421
reference_id	RHSA-2021:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0421

reference_url	https://access.redhat.com/errata/RHSA-2021:0551
reference_id	RHSA-2021:0551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0551

reference_url	https://usn.ubuntu.com/4638-1/
reference_id	USN-4638-1
reference_type
scores
url	https://usn.ubuntu.com/4638-1/

fixed_packages

url pkg:alpm/archlinux/c-ares@1.17.1-1

purl pkg:alpm/archlinux/c-ares@1.17.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xdz-dku3-qqc4

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.17.1-1

aliases CVE-2020-8277

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4sn-7wuq-e3cd

3.1

http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/c-ares@1.17.1-1

pkg:alpm/archlinux/c-ares@1.17.2-1

alpm

archlinux

c-ares

1.17.2-1

false

null

url VCID-1xdz-dku3-qqc4

vulnerability_id VCID-1xdz-dku3-qqc4

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

references

reference_url

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3672.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3672

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17144
published_at	2026-04-01T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17157
published_at	2026-04-13T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1731
published_at	2026-04-02T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17358
published_at	2026-04-04T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17138
published_at	2026-04-07T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17229
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17287
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17265
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17216
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3672

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1988342

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1988342

reference_url

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053
reference_id	992053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992053

reference_url	https://security.archlinux.org/ASA-202108-13
reference_id	ASA-202108-13
reference_type
scores
url	https://security.archlinux.org/ASA-202108-13

reference_url

reference_id

AVG-2268

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3672
reference_id	CVE-2021-3672
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3672

reference_url

reference_id

GLSA-202401-02

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:33Z/

url