Search for vulnerabilities
Vulnerability details: VCID-jnbc-rb8g-aaaq
Vulnerability ID VCID-jnbc-rb8g-aaaq
Aliases CVE-2019-15903
Summary In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-125 Out-of-bounds Read
CWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-122 Heap-based Buffer Overflow
System Score Found at
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
cvssv3.1 6.5 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
ssvc Track http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
cvssv3.1 6.5 http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
ssvc Track http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
cvssv3.1 6.5 http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
ssvc Track http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
cvssv3.1 6.5 http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
ssvc Track http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15903.html
rhas Critical https://access.redhat.com/errata/RHSA-2019:3193
rhas Critical https://access.redhat.com/errata/RHSA-2019:3196
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2019:3210
ssvc Track https://access.redhat.com/errata/RHSA-2019:3210
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2019:3237
ssvc Track https://access.redhat.com/errata/RHSA-2019:3237
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2019:3756
ssvc Track https://access.redhat.com/errata/RHSA-2019:3756
rhas Important https://access.redhat.com/errata/RHSA-2020:2644
rhas Important https://access.redhat.com/errata/RHSA-2020:2646
rhas Moderate https://access.redhat.com/errata/RHSA-2020:3952
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4484
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00221 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00221 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00221 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00221 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00275 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00337 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00373 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.00688 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.01395 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.04769 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.04769 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.04769 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss 0.04769 https://api.first.org/data/v1/epss?cve=CVE-2019-15903
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1752592
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2019/Dec/23
ssvc Track http://seclists.org/fulldisclosure/2019/Dec/23
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2019/Dec/26
ssvc Track http://seclists.org/fulldisclosure/2019/Dec/26
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2019/Dec/27
ssvc Track http://seclists.org/fulldisclosure/2019/Dec/27
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2019/Dec/30
ssvc Track http://seclists.org/fulldisclosure/2019/Dec/30
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
generic_textual Medium https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
ssvc Track https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
cvssv3.1 6.5 https://github.com/libexpat/libexpat/issues/317
generic_textual Medium https://github.com/libexpat/libexpat/issues/317
ssvc Track https://github.com/libexpat/libexpat/issues/317
cvssv3.1 6.5 https://github.com/libexpat/libexpat/issues/342
ssvc Track https://github.com/libexpat/libexpat/issues/342
cvssv3.1 6.5 https://github.com/libexpat/libexpat/pull/318
generic_textual Medium https://github.com/libexpat/libexpat/pull/318
ssvc Track https://github.com/libexpat/libexpat/pull/318
cvssv3.1 6.5 https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
ssvc Track https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
cvssv3.1 6.5 https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
ssvc Track https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2019-15903
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-15903
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-15903
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Dec/17
ssvc Track https://seclists.org/bugtraq/2019/Dec/17
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Dec/21
ssvc Track https://seclists.org/bugtraq/2019/Dec/21
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Dec/23
ssvc Track https://seclists.org/bugtraq/2019/Dec/23
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Nov/1
ssvc Track https://seclists.org/bugtraq/2019/Nov/1
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Nov/24
ssvc Track https://seclists.org/bugtraq/2019/Nov/24
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Oct/29
ssvc Track https://seclists.org/bugtraq/2019/Oct/29
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Sep/30
ssvc Track https://seclists.org/bugtraq/2019/Sep/30
cvssv3.1 6.5 https://seclists.org/bugtraq/2019/Sep/37
ssvc Track https://seclists.org/bugtraq/2019/Sep/37
archlinux High https://security.archlinux.org/AVG-1053
archlinux Critical https://security.archlinux.org/AVG-1054
archlinux Critical https://security.archlinux.org/AVG-1055
cvssv3.1 6.5 https://security.gentoo.org/glsa/201911-08
ssvc Track https://security.gentoo.org/glsa/201911-08
cvssv3.1 6.5 https://security.netapp.com/advisory/ntap-20190926-0004/
ssvc Track https://security.netapp.com/advisory/ntap-20190926-0004/
cvssv3.1 6.5 https://support.apple.com/kb/HT210785
ssvc Track https://support.apple.com/kb/HT210785
cvssv3.1 6.5 https://support.apple.com/kb/HT210788
ssvc Track https://support.apple.com/kb/HT210788
cvssv3.1 6.5 https://support.apple.com/kb/HT210789
ssvc Track https://support.apple.com/kb/HT210789
cvssv3.1 6.5 https://support.apple.com/kb/HT210790
ssvc Track https://support.apple.com/kb/HT210790
cvssv3.1 6.5 https://support.apple.com/kb/HT210793
ssvc Track https://support.apple.com/kb/HT210793
cvssv3.1 6.5 https://support.apple.com/kb/HT210794
ssvc Track https://support.apple.com/kb/HT210794
cvssv3.1 6.5 https://support.apple.com/kb/HT210795
ssvc Track https://support.apple.com/kb/HT210795
generic_textual Medium https://ubuntu.com/security/notices/USN-4132-1
generic_textual Medium https://ubuntu.com/security/notices/USN-4132-2
generic_textual Low https://ubuntu.com/security/notices/USN-4165-1
generic_textual Medium https://ubuntu.com/security/notices/USN-4202-1
generic_textual Medium https://ubuntu.com/security/notices/USN-4335-1
cvssv3.1 6.5 https://usn.ubuntu.com/4132-1/
ssvc Track https://usn.ubuntu.com/4132-1/
cvssv3.1 6.5 https://usn.ubuntu.com/4132-2/
ssvc Track https://usn.ubuntu.com/4132-2/
cvssv3.1 6.5 https://usn.ubuntu.com/4165-1/
ssvc Track https://usn.ubuntu.com/4165-1/
cvssv3.1 6.5 https://usn.ubuntu.com/4202-1/
ssvc Track https://usn.ubuntu.com/4202-1/
cvssv3.1 6.5 https://usn.ubuntu.com/4335-1/
ssvc Track https://usn.ubuntu.com/4335-1/
generic_textual Medium https://usn.ubuntu.com/usn/usn-4132-1
generic_textual Medium https://usn.ubuntu.com/usn/usn-4132-2
generic_textual Low https://usn.ubuntu.com/usn/usn-4165-1
generic_textual Medium https://usn.ubuntu.com/usn/usn-4202-1
generic_textual Medium https://usn.ubuntu.com/usn/usn-4335-1
cvssv3.1 6.5 https://www.debian.org/security/2019/dsa-4530
ssvc Track https://www.debian.org/security/2019/dsa-4530
cvssv3.1 6.5 https://www.debian.org/security/2019/dsa-4549
ssvc Track https://www.debian.org/security/2019/dsa-4549
cvssv3.1 6.5 https://www.debian.org/security/2019/dsa-4571
ssvc Track https://www.debian.org/security/2019/dsa-4571
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual Medium https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
cvssv3.1 6.5 https://www.oracle.com/security-alerts/cpuapr2020.html
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpuapr2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpuapr2020.html
ssvc Track https://www.oracle.com/security-alerts/cpuapr2020.html
cvssv3.1 6.5 https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpuoct2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpuoct2020.html
ssvc Track https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1 6.5 https://www.tenable.com/security/tns-2021-11
ssvc Track https://www.tenable.com/security/tns-2021-11
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15903.html
https://access.redhat.com/errata/RHSA-2019:3210
https://access.redhat.com/errata/RHSA-2019:3237
https://access.redhat.com/errata/RHSA-2019:3756
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
https://api.first.org/data/v1/epss?cve=CVE-2019-15903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
http://seclists.org/fulldisclosure/2019/Dec/23
http://seclists.org/fulldisclosure/2019/Dec/26
http://seclists.org/fulldisclosure/2019/Dec/27
http://seclists.org/fulldisclosure/2019/Dec/30
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
https://github.com/libexpat/libexpat/issues/317
https://github.com/libexpat/libexpat/issues/342
https://github.com/libexpat/libexpat/pull/318
https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
https://seclists.org/bugtraq/2019/Dec/17
https://seclists.org/bugtraq/2019/Dec/21
https://seclists.org/bugtraq/2019/Dec/23
https://seclists.org/bugtraq/2019/Nov/1
https://seclists.org/bugtraq/2019/Nov/24
https://seclists.org/bugtraq/2019/Oct/29
https://seclists.org/bugtraq/2019/Sep/30
https://seclists.org/bugtraq/2019/Sep/37
https://security.gentoo.org/glsa/201911-08
https://security.netapp.com/advisory/ntap-20190926-0004/
https://support.apple.com/kb/HT210785
https://support.apple.com/kb/HT210788
https://support.apple.com/kb/HT210789
https://support.apple.com/kb/HT210790
https://support.apple.com/kb/HT210793
https://support.apple.com/kb/HT210794
https://support.apple.com/kb/HT210795
https://ubuntu.com/security/notices/USN-4132-1
https://ubuntu.com/security/notices/USN-4132-2
https://ubuntu.com/security/notices/USN-4165-1
https://ubuntu.com/security/notices/USN-4202-1
https://ubuntu.com/security/notices/USN-4335-1
https://usn.ubuntu.com/4132-1/
https://usn.ubuntu.com/4132-2/
https://usn.ubuntu.com/4165-1/
https://usn.ubuntu.com/4202-1/
https://usn.ubuntu.com/4335-1/
https://usn.ubuntu.com/usn/usn-4132-1
https://usn.ubuntu.com/usn/usn-4132-2
https://usn.ubuntu.com/usn/usn-4165-1
https://usn.ubuntu.com/usn/usn-4202-1
https://usn.ubuntu.com/usn/usn-4335-1
https://www.debian.org/security/2019/dsa-4530
https://www.debian.org/security/2019/dsa-4549
https://www.debian.org/security/2019/dsa-4571
https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.tenable.com/security/tns-2021-11
1752592 https://bugzilla.redhat.com/show_bug.cgi?id=1752592
939394 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
ASA-201910-15 https://security.archlinux.org/ASA-201910-15
ASA-201910-16 https://security.archlinux.org/ASA-201910-16
ASA-201910-17 https://security.archlinux.org/ASA-201910-17
AVG-1053 https://security.archlinux.org/AVG-1053
AVG-1054 https://security.archlinux.org/AVG-1054
AVG-1055 https://security.archlinux.org/AVG-1055
cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
CVE-2019-15903 https://nvd.nist.gov/vuln/detail/CVE-2019-15903
mfsa2019-33 https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34 https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35 https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
RHSA-2019:3193 https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196 https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2020:2644 https://access.redhat.com/errata/RHSA-2020:2644
RHSA-2020:2646 https://access.redhat.com/errata/RHSA-2020:2646
RHSA-2020:3952 https://access.redhat.com/errata/RHSA-2020:3952
RHSA-2020:4484 https://access.redhat.com/errata/RHSA-2020:4484
RHSA-2021:0949 https://access.redhat.com/errata/RHSA-2021:0949
USN-7199-1 https://usn.ubuntu.com/7199-1/
USN-USN-4852-1 https://usn.ubuntu.com/USN-4852-1/
USN-USN-5455-1 https://usn.ubuntu.com/USN-5455-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3210
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3210
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3237
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3237
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3756
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3756
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/23
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/26
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/26
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/27
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/27
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/30
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/30
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/issues/317
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/issues/317
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/issues/342
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/issues/342
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/pull/318
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/pull/318
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-15903
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-15903
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-15903
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/17
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/17
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/21
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/21
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/23
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Nov/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Nov/1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Nov/24
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Nov/24
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Oct/29
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Oct/29
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Sep/30
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Sep/30
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Sep/37
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Sep/37
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/201911-08
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://security.gentoo.org/glsa/201911-08
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20190926-0004/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://security.netapp.com/advisory/ntap-20190926-0004/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210785
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210785
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210788
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210788
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210789
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210789
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210790
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210790
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210793
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210793
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210794
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210794
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210795
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210795
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4132-1/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4132-1/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4132-2/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4132-2/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4165-1/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4165-1/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4202-1/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4202-1/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4335-1/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4335-1/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4530
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4530
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4549
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4549
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4571
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4571
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuapr2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuapr2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.oracle.com/security-alerts/cpuapr2020.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.oracle.com/security-alerts/cpuoct2020.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.tenable.com/security/tns-2021-11
Exploit Prediction Scoring System (EPSS)
Percentile 0.42514
EPSS Score 0.00199
Published At June 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.