{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6506?format=json","vulnerability_id":"VCID-m83d-ynss-kud5","summary":"","aliases":[{"alias":"CVE-2019-16163"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1084186?format=json","purl":"pkg:deb/debian/libonig@6.9.6-1.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/54783?format=json","purl":"pkg:deb/debian/libonig@6.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/54723?format=json","purl":"pkg:deb/debian/libonig@6.9.6-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/54717?format=json","purl":"pkg:deb/debian/libonig@6.9.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/54729?format=json","purl":"pkg:deb/debian/libonig@6.9.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/54726?format=json","purl":"pkg:deb/debian/libonig@6.9.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.10-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1084180?format=json","purl":"pkg:deb/debian/libonig@5.2.0-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-emax-hw5q-qye9"},{"vulnerability":"VCID-en3m-qzgz-sfh1"},{"vulnerability":"VCID-f39t-y8rh-b7az"},{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-keat-6h9j-3qh1"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-ucj3-nrud-eqc3"},{"vulnerability":"VCID-vcgm-esfq-b3am"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@5.2.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1084181?format=json","purl":"pkg:deb/debian/libonig@5.9.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-emax-hw5q-qye9"},{"vulnerability":"VCID-en3m-qzgz-sfh1"},{"vulnerability":"VCID-f39t-y8rh-b7az"},{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-keat-6h9j-3qh1"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-ucj3-nrud-eqc3"},{"vulnerability":"VCID-vcgm-esfq-b3am"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@5.9.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1084182?format=json","purl":"pkg:deb/debian/libonig@5.9.5-3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-emax-hw5q-qye9"},{"vulnerability":"VCID-en3m-qzgz-sfh1"},{"vulnerability":"VCID-f39t-y8rh-b7az"},{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-keat-6h9j-3qh1"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-ucj3-nrud-eqc3"},{"vulnerability":"VCID-vcgm-esfq-b3am"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@5.9.5-3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/1084183?format=json","purl":"pkg:deb/debian/libonig@5.9.5-3.2%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-emax-hw5q-qye9"},{"vulnerability":"VCID-en3m-qzgz-sfh1"},{"vulnerability":"VCID-f39t-y8rh-b7az"},{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-keat-6h9j-3qh1"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-ucj3-nrud-eqc3"},{"vulnerability":"VCID-vcgm-esfq-b3am"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@5.9.5-3.2%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1084184?format=json","purl":"pkg:deb/debian/libonig@6.1.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1084185?format=json","purl":"pkg:deb/debian/libonig@6.9.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gfhq-y243-b7gu"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/346219?format=json","purl":"pkg:rpm/redhat/oniguruma@6.8.2-2.1?arch=el8_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h9we-d34y-sufx"},{"vulnerability":"VCID-k3sm-yevn-u7hc"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/oniguruma@6.8.2-2.1%3Farch=el8_9"},{"url":"http://public2.vulnerablecode.io/api/packages/346217?format=json","purl":"pkg:rpm/redhat/oniguruma@6.8.2-2.1?arch=el8_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h9we-d34y-sufx"},{"vulnerability":"VCID-k3sm-yevn-u7hc"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/oniguruma@6.8.2-2.1%3Farch=el8_8"},{"url":"http://public2.vulnerablecode.io/api/packages/346218?format=json","purl":"pkg:rpm/redhat/oniguruma@6.8.2-2.1?arch=el8_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-h9we-d34y-sufx"},{"vulnerability":"VCID-k3sm-yevn-u7hc"},{"vulnerability":"VCID-m83d-ynss-kud5"},{"vulnerability":"VCID-xee4-s1n7-tfew"},{"vulnerability":"VCID-y46e-6yja-j7gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/oniguruma@6.8.2-2.1%3Farch=el8_6"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16163","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44026","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768997","reference_id":"1768997","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1768997"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988","reference_id":"939988","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3662","reference_id":"RHSA-2020:3662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0409","reference_id":"RHSA-2024:0409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0572","reference_id":"RHSA-2024:0572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0889","reference_id":"RHSA-2024:0889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0889"},{"reference_url":"https://usn.ubuntu.com/4460-1/","reference_id":"USN-4460-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4460-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5662-1/","reference_id":"USN-USN-5662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5662-1/"}],"weaknesses":[{"cwe_id":674,"name":"Uncontrolled Recursion","description":"The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack."},{"cwe_id":121,"name":"Stack-based Buffer Overflow","description":"A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)."}],"exploits":[],"severity_range_score":"3.3 - 6.5","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m83d-ynss-kud5"}