Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/80044?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80044?format=api", "vulnerability_id": "VCID-ces5-sduy-9ffu", "summary": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients", "aliases": [ { "alias": "CVE-2021-3773" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/370973?format=api", "purl": "pkg:alpm/archlinux/openvpn@2.5.5-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ces5-sduy-9ffu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/openvpn@2.5.5-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/88529?format=api", "purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kx-xvbj-pkbn" }, { "vulnerability": "VCID-2qny-q8tf-wuae" }, { "vulnerability": "VCID-37tv-2sfx-3qb8" }, { "vulnerability": "VCID-3gu6-k1y3-pugu" }, { "vulnerability": "VCID-3wju-yesf-fbeu" }, { "vulnerability": "VCID-6r94-k48y-3uc3" }, { "vulnerability": "VCID-6spq-ru85-nyhv" }, { "vulnerability": "VCID-767a-utp1-gucs" }, { "vulnerability": "VCID-7m61-6vud-xbhc" }, { "vulnerability": "VCID-7uzv-yevu-nudw" }, { "vulnerability": "VCID-7vp7-hrcm-9bhe" }, { "vulnerability": "VCID-8qm5-qkq2-ubc4" }, { "vulnerability": "VCID-9529-5dun-m7b4" }, { "vulnerability": "VCID-976s-6zc1-8fer" }, { "vulnerability": "VCID-978p-j5hf-rqbq" }, { "vulnerability": "VCID-9gy8-st5c-7ue2" }, { "vulnerability": "VCID-9kjg-mavd-kqa3" }, { "vulnerability": "VCID-9nge-zp2p-p3cg" }, { "vulnerability": "VCID-a2t1-qbac-e3ag" }, { "vulnerability": "VCID-aqgr-gkpx-g3ha" }, { "vulnerability": "VCID-az8z-5q7k-2ye9" }, { "vulnerability": "VCID-bn7s-968w-hfgp" }, { "vulnerability": "VCID-btf1-rxpb-27cw" }, { "vulnerability": "VCID-c4ts-fd4y-pfak" }, { "vulnerability": "VCID-ces5-sduy-9ffu" }, { "vulnerability": "VCID-cmjx-jabf-6ufz" }, { "vulnerability": "VCID-crfn-kwyf-mfck" }, { "vulnerability": "VCID-cs44-jrsv-vffr" }, { "vulnerability": "VCID-cydx-ykad-7ke5" }, { "vulnerability": "VCID-d8tt-dyte-n3dw" }, { "vulnerability": "VCID-dqmv-4ghe-xub3" }, { "vulnerability": "VCID-esdj-3j8r-83hv" }, { "vulnerability": "VCID-f8jk-dpun-tfgc" }, { "vulnerability": "VCID-fnj5-8b82-k3gq" }, { "vulnerability": "VCID-gs8w-v2yr-a7dg" }, { "vulnerability": "VCID-jwcy-jz4z-5bhr" }, { "vulnerability": "VCID-k7jb-9mt3-pude" }, { "vulnerability": "VCID-myhs-bxz5-13bh" }, { "vulnerability": "VCID-n49a-3z3m-ukej" }, { "vulnerability": "VCID-npk2-d7vh-4fhd" }, { "vulnerability": "VCID-pqcc-bjwr-q7f3" }, { "vulnerability": "VCID-py6r-aqaw-73hg" }, { "vulnerability": "VCID-q518-8f8w-x7ea" }, { "vulnerability": "VCID-q9fn-q4hm-cygt" }, { "vulnerability": "VCID-r314-48hu-gfb5" }, { "vulnerability": "VCID-ragr-wgmc-pbe3" }, { "vulnerability": "VCID-rhh5-t7x7-77bt" }, { "vulnerability": "VCID-rkc9-5rqz-2qap" }, { "vulnerability": "VCID-s6wh-1hrj-xqd7" }, { "vulnerability": "VCID-shy5-t49f-pfb9" }, { "vulnerability": "VCID-sz2h-5ef2-zba5" }, { "vulnerability": "VCID-t49z-au64-uyf8" }, { "vulnerability": "VCID-tenk-bzzp-ake8" }, { "vulnerability": "VCID-ttj8-jrsa-u3e4" }, { "vulnerability": "VCID-u4gb-1hyn-m7g4" }, { "vulnerability": "VCID-v597-1p28-2qbb" }, { "vulnerability": "VCID-vmwk-vcvx-jyff" }, { "vulnerability": "VCID-vnt5-rgu1-xkcw" }, { "vulnerability": "VCID-vq7y-fpac-p7c1" }, { "vulnerability": "VCID-vuzj-f6kq-jqfv" }, { "vulnerability": "VCID-whfj-b8tn-5kgc" }, { "vulnerability": "VCID-wqrb-v41r-y7bn" }, { "vulnerability": "VCID-x8qp-4p75-xbfc" }, { "vulnerability": "VCID-xtbh-wee7-3qgj" }, { "vulnerability": "VCID-yxeb-ww1y-yfg6" }, { "vulnerability": "VCID-z4rz-94cg-wfby" }, { "vulnerability": "VCID-zt7m-55n5-3ygp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@4.18.0-372.9.1%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/93053?format=api", "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qny-q8tf-wuae" }, { "vulnerability": "VCID-37tv-2sfx-3qb8" }, { "vulnerability": "VCID-3wju-yesf-fbeu" }, { "vulnerability": "VCID-6r94-k48y-3uc3" }, { "vulnerability": "VCID-767a-utp1-gucs" }, { "vulnerability": "VCID-8qm5-qkq2-ubc4" }, { "vulnerability": "VCID-9529-5dun-m7b4" }, { "vulnerability": "VCID-976s-6zc1-8fer" }, { "vulnerability": "VCID-978p-j5hf-rqbq" }, { "vulnerability": "VCID-9gy8-st5c-7ue2" }, { "vulnerability": "VCID-9kjg-mavd-kqa3" }, { "vulnerability": "VCID-9nge-zp2p-p3cg" }, { "vulnerability": "VCID-aqgr-gkpx-g3ha" }, { "vulnerability": "VCID-btf1-rxpb-27cw" }, { "vulnerability": "VCID-ces5-sduy-9ffu" }, { "vulnerability": "VCID-cmjx-jabf-6ufz" }, { "vulnerability": "VCID-cs44-jrsv-vffr" }, { "vulnerability": "VCID-cydx-ykad-7ke5" }, { "vulnerability": "VCID-d8tt-dyte-n3dw" }, { "vulnerability": "VCID-dqmv-4ghe-xub3" }, { "vulnerability": "VCID-esdj-3j8r-83hv" }, { "vulnerability": "VCID-fnj5-8b82-k3gq" }, { "vulnerability": "VCID-gs8w-v2yr-a7dg" }, { "vulnerability": "VCID-myhs-bxz5-13bh" }, { "vulnerability": "VCID-n49a-3z3m-ukej" }, { "vulnerability": "VCID-npk2-d7vh-4fhd" }, { "vulnerability": "VCID-q518-8f8w-x7ea" }, { "vulnerability": "VCID-q9fn-q4hm-cygt" }, { "vulnerability": "VCID-r314-48hu-gfb5" }, { "vulnerability": "VCID-ragr-wgmc-pbe3" }, { "vulnerability": "VCID-rhh5-t7x7-77bt" }, { "vulnerability": "VCID-rkc9-5rqz-2qap" }, { "vulnerability": "VCID-s6wh-1hrj-xqd7" }, { "vulnerability": "VCID-shy5-t49f-pfb9" }, { "vulnerability": "VCID-sz2h-5ef2-zba5" }, { "vulnerability": "VCID-t49z-au64-uyf8" }, { "vulnerability": "VCID-tenk-bzzp-ake8" }, { "vulnerability": "VCID-ttj8-jrsa-u3e4" }, { "vulnerability": "VCID-u4gb-1hyn-m7g4" }, { "vulnerability": "VCID-vnt5-rgu1-xkcw" }, { "vulnerability": "VCID-vq7y-fpac-p7c1" }, { "vulnerability": "VCID-vuzj-f6kq-jqfv" }, { "vulnerability": "VCID-whfj-b8tn-5kgc" }, { "vulnerability": "VCID-wqrb-v41r-y7bn" }, { "vulnerability": "VCID-x8qp-4p75-xbfc" }, { "vulnerability": "VCID-z4rz-94cg-wfby" }, { "vulnerability": "VCID-zr1y-jgz4-fudc" }, { "vulnerability": "VCID-zt7m-55n5-3ygp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166%3Farch=el8" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69443", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70803", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70948", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70958", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70957", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70939", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70836", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70855", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.7087", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.70914", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3773" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949", "reference_id": "2004949", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:42:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949" }, { "reference_url": "https://security.archlinux.org/AVG-2367", "reference_id": "AVG-2367", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1975", "reference_id": "RHSA-2022:1975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1988", "reference_id": "RHSA-2022:1988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1988" }, { "reference_url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/", "reference_id": "vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:42:22Z/" } ], "url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/" } ], "weaknesses": [ { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ces5-sduy-9ffu" }