{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15497?format=json","vulnerability_id":"VCID-qhjn-u426-yydj","summary":"","aliases":[{"alias":"CVE-2023-3255"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101404?format=json","purl":"pkg:deb/debian/qemu@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101400?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ge6-kys6-3be9"},{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-7axm-aanq-tqa6"},{"vulnerability":"VCID-8c1p-17pk-ukd4"},{"vulnerability":"VCID-8tn2-j78e-mbb9"},{"vulnerability":"VCID-9yqp-m6x5-eyh1"},{"vulnerability":"VCID-e423-8d42-tkdh"},{"vulnerability":"VCID-hg1w-2ns9-mbat"},{"vulnerability":"VCID-nea8-qgt9-63fy"},{"vulnerability":"VCID-pvvb-hzkq-gbf7"},{"vulnerability":"VCID-q5b1-dkud-zya7"},{"vulnerability":"VCID-sx77-xz6p-5khh"},{"vulnerability":"VCID-w4gk-d65y-dqff"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-xck7-fkrx-zbd2"},{"vulnerability":"VCID-xfpp-7u4x-ybaj"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"},{"vulnerability":"VCID-zrcr-7xr9-k7bc"},{"vulnerability":"VCID-zw41-wzst-bbfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101506?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101398?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-8tn2-j78e-mbb9"},{"vulnerability":"VCID-cxb5-ps1u-jkhx"},{"vulnerability":"VCID-ua92-uymv-rfdg"},{"vulnerability":"VCID-w4gk-d65y-dqff"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101507?format=json","purl":"pkg:deb/debian/qemu@1:8.0.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:8.0.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101403?format=json","purl":"pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4p3f-84d2-aqcu"},{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6e19-9wsk-nye4"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-81v2-tkvj-qqbe"},{"vulnerability":"VCID-c16z-ca8e-rkhu"},{"vulnerability":"VCID-cxb5-ps1u-jkhx"},{"vulnerability":"VCID-fqvy-zgea-b7d6"},{"vulnerability":"VCID-h3me-ktz3-c7dw"},{"vulnerability":"VCID-mkmq-psus-f3hs"},{"vulnerability":"VCID-msrv-b6b8-wqey"},{"vulnerability":"VCID-rgbz-jtuq-ffg7"},{"vulnerability":"VCID-sgd1-uzxs-5yh3"},{"vulnerability":"VCID-uw6e-53zw-9kf2"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-wxhk-n1v2-dbaj"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101401?format=json","purl":"pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6e19-9wsk-nye4"},{"vulnerability":"VCID-81v2-tkvj-qqbe"},{"vulnerability":"VCID-c16z-ca8e-rkhu"},{"vulnerability":"VCID-fqvy-zgea-b7d6"},{"vulnerability":"VCID-h3me-ktz3-c7dw"},{"vulnerability":"VCID-msrv-b6b8-wqey"},{"vulnerability":"VCID-sgd1-uzxs-5yh3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101402?format=json","purl":"pkg:deb/debian/qemu@1:11.0.1%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.1%252Bds-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/335864?format=json","purl":"pkg:rpm/redhat/qemu-kvm@17:8.2.0-11?arch=el9_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vwx-ze2m-3ff5"},{"vulnerability":"VCID-bjhx-24ms-5ffh"},{"vulnerability":"VCID-qhjn-u426-yydj"},{"vulnerability":"VCID-tzu8-4gdh-yub4"},{"vulnerability":"VCID-xz1s-qvey-ubax"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qemu-kvm@17:8.2.0-11%3Farch=el9_4"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3255.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3255","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30106","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8","reference_id":"cpe:/a:redhat:advanced_virtualization:8::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3255","reference_id":"CVE-2023-3255","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-3255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2135","reference_id":"RHSA-2024:2135","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2962","reference_id":"RHSA-2024:2962","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2962"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218486","reference_id":"show_bug.cgi?id=2218486","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:14:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218486"},{"reference_url":"https://usn.ubuntu.com/6567-1/","reference_id":"USN-6567-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6567-1/"}],"weaknesses":[{"cwe_id":835,"name":"Loop with Unreachable Exit Condition ('Infinite Loop')","description":"The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop."}],"exploits":[],"severity_range_score":"4.9 - 6.5","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qhjn-u426-yydj"}