{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108535?format=json","vulnerability_id":"VCID-6axt-kf52-jfhw","summary":"mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)","aliases":[{"alias":"CVE-2019-2991"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/137655?format=json","purl":"pkg:rpm/redhat/rh-mysql80-mysql@8.0.21-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1akn-dwnk-gfdk"},{"vulnerability":"VCID-1au4-2y5q-jqeh"},{"vulnerability":"VCID-21q4-gyhe-8bfq"},{"vulnerability":"VCID-3fkm-mf5w-3fa2"},{"vulnerability":"VCID-45xg-juag-eyaa"},{"vulnerability":"VCID-484u-2pf1-7bbs"},{"vulnerability":"VCID-4ek5-bm7e-23h9"},{"vulnerability":"VCID-4rce-su1c-xubq"},{"vulnerability":"VCID-5hz5-hmym-4qej"},{"vulnerability":"VCID-5ypn-rdk3-7qas"},{"vulnerability":"VCID-647g-79rr-57gz"},{"vulnerability":"VCID-66ez-92bb-e3ab"},{"vulnerability":"VCID-6axt-kf52-jfhw"},{"vulnerability":"VCID-6n7b-um6q-ekfy"},{"vulnerability":"VCID-6rum-fbev-vygd"},{"vulnerability":"VCID-6xh1-ycu2-ckd6"},{"vulnerability":"VCID-7dem-36zv-hybq"},{"vulnerability":"VCID-7djt-7axt-5ufy"},{"vulnerability":"VCID-7gu7-r6vx-8kcp"},{"vulnerability":"VCID-7jv2-nsyv-t3fj"},{"vulnerability":"VCID-7wbu-x13r-vfdn"},{"vulnerability":"VCID-87zv-wha8-hucf"},{"vulnerability":"VCID-8dwq-5fr5-ykb1"},{"vulnerability":"VCID-8esq-39q9-k7cj"},{"vulnerability":"VCID-8jmr-t7s5-uuej"},{"vulnerability":"VCID-8ps5-25ac-mbgs"},{"vulnerability":"VCID-99j2-abbd-hfbe"},{"vulnerability":"VCID-99uj-h7xq-93fb"},{"vulnerability":"VCID-a86q-9krx-r7h6"},{"vulnerability":"VCID-adxd-tfqy-8ufy"},{"vulnerability":"VCID-b368-shj2-sqbz"},{"vulnerability":"VCID-bh3e-jwqt-6yb8"},{"vulnerability":"VCID-brvf-xjw8-kqbq"},{"vulnerability":"VCID-cggk-dmt1-tyge"},{"vulnerability":"VCID-cjzz-z51g-wqcv"},{"vulnerability":"VCID-cvcy-m859-8ye5"},{"vulnerability":"VCID-d64p-rg8d-ukbt"},{"vulnerability":"VCID-ez6y-kr11-vyay"},{"vulnerability":"VCID-f5m6-hkpu-cub5"},{"vulnerability":"VCID-fbsn-rrvx-vkex"},{"vulnerability":"VCID-fhe2-2u5x-fffb"},{"vulnerability":"VCID-fv4v-zgty-bba8"},{"vulnerability":"VCID-g2kj-ned5-z3fk"},{"vulnerability":"VCID-g6e7-mtye-2fey"},{"vulnerability":"VCID-gfrt-r71f-p7f8"},{"vulnerability":"VCID-gfzy-f14k-v7h5"},{"vulnerability":"VCID-gjcg-rhvn-2kfb"},{"vulnerability":"VCID-gkxg-p8d6-cyfe"},{"vulnerability":"VCID-gr6q-4fj7-9qa8"},{"vulnerability":"VCID-h5st-tes5-ubht"},{"vulnerability":"VCID-hm2n-yutk-euhc"},{"vulnerability":"VCID-hsdz-2tav-7ydb"},{"vulnerability":"VCID-j4p9-m8xq-gbez"},{"vulnerability":"VCID-jbvs-hsk5-yba4"},{"vulnerability":"VCID-jmjx-36w5-u3d4"},{"vulnerability":"VCID-jnsr-gs2q-abbz"},{"vulnerability":"VCID-jzpx-vzv1-q7fg"},{"vulnerability":"VCID-jzwa-jrn7-1qg9"},{"vulnerability":"VCID-k2ck-ghkp-1ff6"},{"vulnerability":"VCID-k2fj-bwnb-6bf9"},{"vulnerability":"VCID-k3e5-cr3g-abdr"},{"vulnerability":"VCID-knjv-9xtr-87dt"},{"vulnerability":"VCID-ksj3-m3qq-vucq"},{"vulnerability":"VCID-kuqz-4b4d-n7am"},{"vulnerability":"VCID-m5xm-5ucv-ekca"},{"vulnerability":"VCID-me73-cnva-ubhn"},{"vulnerability":"VCID-mj1t-epf5-nqdu"},{"vulnerability":"VCID-n26d-navb-5bew"},{"vulnerability":"VCID-nd37-n31c-xka8"},{"vulnerability":"VCID-ndde-djr5-cqgq"},{"vulnerability":"VCID-nec1-euzv-5kc8"},{"vulnerability":"VCID-ng9f-smsp-3bbw"},{"vulnerability":"VCID-nkek-z2aj-yfe2"},{"vulnerability":"VCID-p38v-dn9j-wyaq"},{"vulnerability":"VCID-p7a6-2crv-3qey"},{"vulnerability":"VCID-pxbc-uh45-xygw"},{"vulnerability":"VCID-pzff-gk78-8bc7"},{"vulnerability":"VCID-q1zv-nmp5-s3ck"},{"vulnerability":"VCID-q2tp-1b1h-c3hs"},{"vulnerability":"VCID-qumh-bf3d-t3g7"},{"vulnerability":"VCID-rsja-a2q2-zya1"},{"vulnerability":"VCID-se22-6czf-h3a7"},{"vulnerability":"VCID-sezb-uymg-b3a2"},{"vulnerability":"VCID-sj5d-nbr9-rqb3"},{"vulnerability":"VCID-sw2n-2kp6-5bc9"},{"vulnerability":"VCID-syfj-uusg-e3bu"},{"vulnerability":"VCID-trkm-j2eq-9yex"},{"vulnerability":"VCID-txsq-he67-gqgy"},{"vulnerability":"VCID-tzrz-qwz2-gkfb"},{"vulnerability":"VCID-utr8-6b2f-vkdt"},{"vulnerability":"VCID-uxna-d2cb-m3ds"},{"vulnerability":"VCID-uz8u-fbtx-1ygw"},{"vulnerability":"VCID-uzgm-tugu-dqhh"},{"vulnerability":"VCID-uzh4-hvbs-bfeu"},{"vulnerability":"VCID-vpza-4c2g-3yf6"},{"vulnerability":"VCID-vunc-gwm8-tfet"},{"vulnerability":"VCID-w1sh-h8kw-xbb5"},{"vulnerability":"VCID-wptp-83ed-dfes"},{"vulnerability":"VCID-wrcb-dw1e-q7ac"},{"vulnerability":"VCID-xre5-tfas-ykaw"},{"vulnerability":"VCID-xuh2-mcqr-33hb"},{"vulnerability":"VCID-xzcg-5sdq-gffy"},{"vulnerability":"VCID-ybmz-22gk-w3ff"},{"vulnerability":"VCID-ymjr-8n1f-f7c3"},{"vulnerability":"VCID-yn13-1m3a-qffh"},{"vulnerability":"VCID-z7sy-hmeg-73dg"},{"vulnerability":"VCID-zcap-whfj-n3ht"},{"vulnerability":"VCID-zg9z-h5jw-xqe3"},{"vulnerability":"VCID-zggd-u5ka-xyag"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql80-mysql@8.0.21-1%3Farch=el7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2991.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2991.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2991","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62844","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62872","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62887","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62896","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62886","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2991"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764693","reference_id":"1764693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764693"},{"reference_url":"https://usn.ubuntu.com/4195-1/","reference_id":"4195-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"https://usn.ubuntu.com/4195-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/","reference_id":"6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DTUCXX5XXPNPFV2PHP6IESGTCFMZOFP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/","reference_id":"7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7X5D3O4TOQ57KL5FLQEXH2JB2UQYHCUZ/"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"cpuoct2019-5072832.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/","reference_id":"MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKCJLNRK6RHFAHV7ZFD3XO7HNSBU3XOL/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191017-0002/","reference_id":"ntap-20191017-0002","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20191017-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3518","reference_id":"RHSA-2020:3518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3732","reference_id":"RHSA-2020:3732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3755","reference_id":"RHSA-2020:3755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3757","reference_id":"RHSA-2020:3757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3757"}],"weaknesses":[],"exploits":[],"severity_range_score":"5.5 - 5.5","exploitability":"0.5","weighted_severity":"5.0","risk_score":2.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6axt-kf52-jfhw"}