Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/66062?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66062?format=api", "vulnerability_id": "VCID-nbx2-3qh6-tqa3", "summary": "libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)", "aliases": [ { "alias": "CVE-2025-14523" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928664?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994716?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994714?format=api", "purl": "pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-4scr-ppqy-5ugf" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-v11f-c1ed-j7d1" }, { "vulnerability": "VCID-vsry-jr8n-zba8" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/928656?format=api", "purl": "pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-4scr-ppqy-5ugf" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-v11f-c1ed-j7d1" }, { "vulnerability": "VCID-vsry-jr8n-zba8" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994715?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/87812?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.2-10?arch=el7_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.2-10%3Farch=el7_9" }, { "url": "http://public2.vulnerablecode.io/api/packages/87805?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.3-1.el8_2?arch=7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-1.el8_2%3Farch=7" }, { "url": "http://public2.vulnerablecode.io/api/packages/87808?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.3-2.el8_4?arch=7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-2.el8_4%3Farch=7" }, { "url": "http://public2.vulnerablecode.io/api/packages/87806?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.3-2.el8_6?arch=7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-2.el8_6%3Farch=7" }, { "url": "http://public2.vulnerablecode.io/api/packages/87807?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.3-3.el8_8?arch=7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-3.el8_8%3Farch=7" }, { "url": "http://public2.vulnerablecode.io/api/packages/87809?format=api", "purl": "pkg:rpm/redhat/libsoup@2.62.3-11?arch=el8_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-11%3Farch=el8_10" }, { "url": "http://public2.vulnerablecode.io/api/packages/87813?format=api", "purl": "pkg:rpm/redhat/libsoup@2.72.0-8.el9_0?arch=8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_0%3Farch=8" }, { "url": "http://public2.vulnerablecode.io/api/packages/87811?format=api", "purl": "pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_2%3Farch=8" }, { "url": "http://public2.vulnerablecode.io/api/packages/87818?format=api", "purl": "pkg:rpm/redhat/libsoup@2.72.0-8.el9_4?arch=8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_4%3Farch=8" }, { "url": "http://public2.vulnerablecode.io/api/packages/87814?format=api", "purl": "pkg:rpm/redhat/libsoup@2.72.0-10.el9_6?arch=5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-10.el9_6%3Farch=5" }, { "url": "http://public2.vulnerablecode.io/api/packages/87810?format=api", "purl": "pkg:rpm/redhat/libsoup@2.72.0-12.el9_7?arch=3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-12.el9_7%3Farch=3" }, { "url": "http://public2.vulnerablecode.io/api/packages/87822?format=api", "purl": "pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0?arch=11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0%3Farch=11" }, { "url": "http://public2.vulnerablecode.io/api/packages/87815?format=api", "purl": "pkg:rpm/redhat/libsoup3@3.6.5-3.el10_1?arch=8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup3@3.6.5-3.el10_1%3Farch=8" }, { "url": "http://public2.vulnerablecode.io/api/packages/87819?format=api", "purl": "pkg:rpm/redhat/spice-client-win@8.10-6.el8_2?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_2%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87817?format=api", "purl": "pkg:rpm/redhat/spice-client-win@8.10-6.el8_4?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_4%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87821?format=api", "purl": "pkg:rpm/redhat/spice-client-win@8.10-6.el8_6?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_6%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87820?format=api", "purl": "pkg:rpm/redhat/spice-client-win@8.10-6.el8_8?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_8%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/87816?format=api", "purl": "pkg:rpm/redhat/spice-client-win@8.10-6.el8_10?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-nbx2-3qh6-tqa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_10%3Farch=1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14523.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14523.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03477", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0352", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03483", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03472", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04323", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04291", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04364", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05897", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05558", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05571", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05729", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05798", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05806", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05817", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14523" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14523", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14523" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122667", "reference_id": "1122667", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122667" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421349", "reference_id": "2421349", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421349" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/472", "reference_id": "472", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/472" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-14523", "reference_id": "CVE-2025-14523", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-14523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0421", "reference_id": "RHSA-2026:0421", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0422", "reference_id": "RHSA-2026:0422", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0423", "reference_id": "RHSA-2026:0423", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0836", "reference_id": "RHSA-2026:0836", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0867", "reference_id": "RHSA-2026:0867", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0868", "reference_id": "RHSA-2026:0868", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0905", "reference_id": "RHSA-2026:0905", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0906", "reference_id": "RHSA-2026:0906", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0907", "reference_id": "RHSA-2026:0907", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0908", "reference_id": "RHSA-2026:0908", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0909", "reference_id": "RHSA-2026:0909", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0911", "reference_id": "RHSA-2026:0911", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0925", "reference_id": "RHSA-2026:0925", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1509", "reference_id": "RHSA-2026:1509", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1569", "reference_id": "RHSA-2026:1569", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1570", "reference_id": "RHSA-2026:1570", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1571", "reference_id": "RHSA-2026:1571", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1572", "reference_id": "RHSA-2026:1572", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1572" } ], "weaknesses": [ { "cwe_id": 444, "name": "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", "description": "The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination." } ], "exploits": [], "severity_range_score": "8.2 - 8.2", "exploitability": "0.5", "weighted_severity": "7.4", "risk_score": 3.7, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nbx2-3qh6-tqa3" }