VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-xauk-rmhq-cuh2

Essentials
Severities (145)
References (95)
Severity details (128)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-xauk-rmhq-cuh2
Aliases	CVE-2019-15903
Summary	In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-125	Out-of-bounds Read
CWE-776	Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-122	Heap-based Buffer Overflow

System	Score	Found at
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
cvssv3.1	6.5	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
ssvc	Track	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
cvssv3.1	6.5	http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
ssvc	Track	http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
cvssv3.1	6.5	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
ssvc	Track	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
cvssv3.1	6.5	http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
ssvc	Track	http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
cvssv3.1	6.5	https://access.redhat.com/errata/RHSA-2019:3210
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:3210
cvssv3.1	6.5	https://access.redhat.com/errata/RHSA-2019:3237
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:3237
cvssv3.1	6.5	https://access.redhat.com/errata/RHSA-2019:3756
ssvc	Track	https://access.redhat.com/errata/RHSA-2019:3756
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
epss	0.00283	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00283	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00283	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00283	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00283	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
epss	0.00314	https://api.first.org/data/v1/epss?cve=CVE-2019-15903
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2019/Dec/23
ssvc	Track	http://seclists.org/fulldisclosure/2019/Dec/23
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2019/Dec/26
ssvc	Track	http://seclists.org/fulldisclosure/2019/Dec/26
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2019/Dec/27
ssvc	Track	http://seclists.org/fulldisclosure/2019/Dec/27
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2019/Dec/30
ssvc	Track	http://seclists.org/fulldisclosure/2019/Dec/30
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	6.5	https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
ssvc	Track	https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
cvssv3.1	6.5	https://github.com/libexpat/libexpat/issues/317
ssvc	Track	https://github.com/libexpat/libexpat/issues/317
cvssv3.1	6.5	https://github.com/libexpat/libexpat/issues/342
ssvc	Track	https://github.com/libexpat/libexpat/issues/342
cvssv3.1	6.5	https://github.com/libexpat/libexpat/pull/318
ssvc	Track	https://github.com/libexpat/libexpat/pull/318
cvssv3.1	6.5	https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
cvssv3.1	6.5	https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
cvssv3.1	6.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
cvssv3.1	6.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
cvssv3.1	6.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2019-15903
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-15903
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Dec/17
ssvc	Track	https://seclists.org/bugtraq/2019/Dec/17
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Dec/21
ssvc	Track	https://seclists.org/bugtraq/2019/Dec/21
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Dec/23
ssvc	Track	https://seclists.org/bugtraq/2019/Dec/23
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Nov/1
ssvc	Track	https://seclists.org/bugtraq/2019/Nov/1
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Nov/24
ssvc	Track	https://seclists.org/bugtraq/2019/Nov/24
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Oct/29
ssvc	Track	https://seclists.org/bugtraq/2019/Oct/29
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Sep/30
ssvc	Track	https://seclists.org/bugtraq/2019/Sep/30
cvssv3.1	6.5	https://seclists.org/bugtraq/2019/Sep/37
ssvc	Track	https://seclists.org/bugtraq/2019/Sep/37
archlinux	High	https://security.archlinux.org/AVG-1053
archlinux	Critical	https://security.archlinux.org/AVG-1054
archlinux	Critical	https://security.archlinux.org/AVG-1055
cvssv3.1	6.5	https://security.gentoo.org/glsa/201911-08
ssvc	Track	https://security.gentoo.org/glsa/201911-08
cvssv3.1	6.5	https://security.netapp.com/advisory/ntap-20190926-0004/
ssvc	Track	https://security.netapp.com/advisory/ntap-20190926-0004/
cvssv3.1	6.5	https://support.apple.com/kb/HT210785
ssvc	Track	https://support.apple.com/kb/HT210785
cvssv3.1	6.5	https://support.apple.com/kb/HT210788
ssvc	Track	https://support.apple.com/kb/HT210788
cvssv3.1	6.5	https://support.apple.com/kb/HT210789
ssvc	Track	https://support.apple.com/kb/HT210789
cvssv3.1	6.5	https://support.apple.com/kb/HT210790
ssvc	Track	https://support.apple.com/kb/HT210790
cvssv3.1	6.5	https://support.apple.com/kb/HT210793
ssvc	Track	https://support.apple.com/kb/HT210793
cvssv3.1	6.5	https://support.apple.com/kb/HT210794
ssvc	Track	https://support.apple.com/kb/HT210794
cvssv3.1	6.5	https://support.apple.com/kb/HT210795
ssvc	Track	https://support.apple.com/kb/HT210795
cvssv3.1	6.5	https://usn.ubuntu.com/4132-1/
ssvc	Track	https://usn.ubuntu.com/4132-1/
cvssv3.1	6.5	https://usn.ubuntu.com/4132-2/
ssvc	Track	https://usn.ubuntu.com/4132-2/
cvssv3.1	6.5	https://usn.ubuntu.com/4165-1/
ssvc	Track	https://usn.ubuntu.com/4165-1/
cvssv3.1	6.5	https://usn.ubuntu.com/4202-1/
ssvc	Track	https://usn.ubuntu.com/4202-1/
cvssv3.1	6.5	https://usn.ubuntu.com/4335-1/
ssvc	Track	https://usn.ubuntu.com/4335-1/
cvssv3.1	6.5	https://www.debian.org/security/2019/dsa-4530
ssvc	Track	https://www.debian.org/security/2019/dsa-4530
cvssv3.1	6.5	https://www.debian.org/security/2019/dsa-4549
ssvc	Track	https://www.debian.org/security/2019/dsa-4549
cvssv3.1	6.5	https://www.debian.org/security/2019/dsa-4571
ssvc	Track	https://www.debian.org/security/2019/dsa-4571
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
cvssv3.1	6.5	https://www.oracle.com/security-alerts/cpuapr2020.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuapr2020.html
cvssv3.1	6.5	https://www.oracle.com/security-alerts/cpuoct2020.html
ssvc	Track	https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1	6.5	https://www.tenable.com/security/tns-2021-11
ssvc	Track	https://www.tenable.com/security/tns-2021-11

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-15903
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://www.oracle.com/security-alerts/cpuapr2020.html
		https://www.oracle.com/security-alerts/cpuoct2020.html
1		https://seclists.org/bugtraq/2019/Nov/1
17		https://seclists.org/bugtraq/2019/Dec/17
1752592		https://bugzilla.redhat.com/show_bug.cgi?id=1752592
201911-08		https://security.gentoo.org/glsa/201911-08
21		https://seclists.org/bugtraq/2019/Dec/21
23		http://seclists.org/fulldisclosure/2019/Dec/23
23		https://seclists.org/bugtraq/2019/Dec/23
24		https://seclists.org/bugtraq/2019/Nov/24
26		http://seclists.org/fulldisclosure/2019/Dec/26
27		http://seclists.org/fulldisclosure/2019/Dec/27
29		https://seclists.org/bugtraq/2019/Oct/29
30		http://seclists.org/fulldisclosure/2019/Dec/30
30		https://seclists.org/bugtraq/2019/Sep/30
317		https://github.com/libexpat/libexpat/issues/317
318		https://github.com/libexpat/libexpat/pull/318
342		https://github.com/libexpat/libexpat/issues/342
37		https://seclists.org/bugtraq/2019/Sep/37
939394		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
ASA-201910-15		https://security.archlinux.org/ASA-201910-15
ASA-201910-16		https://security.archlinux.org/ASA-201910-16
ASA-201910-17		https://security.archlinux.org/ASA-201910-17
AVG-1053		https://security.archlinux.org/AVG-1053
AVG-1054		https://security.archlinux.org/AVG-1054
AVG-1055		https://security.archlinux.org/AVG-1055
BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
c20b758c332d9a13afbbb276d30db1d183a85d43		https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
cpe:2.3:a:libexpat_project:libexpat::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat::::::::
cpe:2.3:a:python:python::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
CVE-2019-15903		https://nvd.nist.gov/vuln/detail/CVE-2019-15903
dsa-4530		https://www.debian.org/security/2019/dsa-4530
dsa-4549		https://www.debian.org/security/2019/dsa-4549
dsa-4571		https://www.debian.org/security/2019/dsa-4571
HT210785		https://support.apple.com/kb/HT210785
HT210788		https://support.apple.com/kb/HT210788
HT210789		https://support.apple.com/kb/HT210789
HT210790		https://support.apple.com/kb/HT210790
HT210793		https://support.apple.com/kb/HT210793
HT210794		https://support.apple.com/kb/HT210794
HT210795		https://support.apple.com/kb/HT210795
mfsa2019-33		https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34		https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35		https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
msg00000.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
msg00002.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
msg00003.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
msg00006.html		https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
msg00008.html		http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
msg00013.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
msg00016.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
msg00017.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
msg00017.html		https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
msg00018.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
msg00019.html		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
msg00040.html		http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
msg00080.html		http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
msg00081.html		http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
ntap-20190926-0004		https://security.netapp.com/advisory/ntap-20190926-0004/
RHSA-2019:3193		https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196		https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2019:3210		https://access.redhat.com/errata/RHSA-2019:3210
RHSA-2019:3237		https://access.redhat.com/errata/RHSA-2019:3237
RHSA-2019:3756		https://access.redhat.com/errata/RHSA-2019:3756
RHSA-2020:2644		https://access.redhat.com/errata/RHSA-2020:2644
RHSA-2020:2646		https://access.redhat.com/errata/RHSA-2020:2646
RHSA-2020:3952		https://access.redhat.com/errata/RHSA-2020:3952
RHSA-2020:4484		https://access.redhat.com/errata/RHSA-2020:4484
RHSA-2021:0949		https://access.redhat.com/errata/RHSA-2021:0949
S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
Slackware-Security-Advisory-expat-Updates.html		http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
Slackware-Security-Advisory-mozilla-firefox-Updates.html		http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
Slackware-Security-Advisory-python-Updates.html		http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
tns-2021-11		https://www.tenable.com/security/tns-2021-11
USN-4132-1		https://usn.ubuntu.com/4132-1/
USN-4132-2		https://usn.ubuntu.com/4132-2/
USN-4165-1		https://usn.ubuntu.com/4165-1/
USN-4202-1		https://usn.ubuntu.com/4202-1/
USN-4335-1		https://usn.ubuntu.com/4335-1/
USN-7199-1		https://usn.ubuntu.com/7199-1/
USN-USN-4852-1		https://usn.ubuntu.com/USN-4852-1/
USN-USN-5455-1		https://usn.ubuntu.com/USN-5455-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3210

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3210

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3237

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3237

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:3756

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://access.redhat.com/errata/RHSA-2019:3756

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/23

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/23

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/26

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/26

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/27

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/27

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2019/Dec/30

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at http://seclists.org/fulldisclosure/2019/Dec/30

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/issues/317

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/issues/317

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/issues/342

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/issues/342

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/libexpat/libexpat/pull/318

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://github.com/libexpat/libexpat/pull/318

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-15903

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-15903

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/17

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/17

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/21

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/21

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Dec/23

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Dec/23

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Nov/1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Nov/1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Nov/24

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Nov/24

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Oct/29

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Oct/29

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Sep/30

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Sep/30

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://seclists.org/bugtraq/2019/Sep/37

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://seclists.org/bugtraq/2019/Sep/37

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/201911-08

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://security.gentoo.org/glsa/201911-08

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20190926-0004/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://security.netapp.com/advisory/ntap-20190926-0004/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210785

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210785

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210788

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210788

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210789

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210789

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210790

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210790

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210793

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210793

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210794

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210794

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT210795

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://support.apple.com/kb/HT210795

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4132-1/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4132-1/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4132-2/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4132-2/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4165-1/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4165-1/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4202-1/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4202-1/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://usn.ubuntu.com/4335-1/

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://usn.ubuntu.com/4335-1/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4530

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4530

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4549

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4549

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2019/dsa-4571

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.debian.org/security/2019/dsa-4571

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuapr2020.html

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.oracle.com/security-alerts/cpuapr2020.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.oracle.com/security-alerts/cpuoct2020.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.tenable.com/security/tns-2021-11

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/ Found at https://www.tenable.com/security/tns-2021-11

Exploit Prediction Scoring System (EPSS)

Percentile	0.51394
EPSS Score	0.00283
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:57.415410+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml	37.0.0