[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-10160":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":679,"aliases":680,"duplicate_of":9,"upstream":681,"downstream":682,"duplicates":731,"related":732,"reserved_at":9,"published_at":748,"modified_at":749,"state":750,"summary":751,"references_raw":760,"kevs":886,"epss":887,"epss_history":890,"metrics":1152,"affected":1165},"CVE-2019-10160","A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",null,[11,588],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-522","Insufficiently Protected Credentials","The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.","weakness","Incomplete","Class",[19,23,77,81,156,232,313,367,397,438,497,532,584],{"id":20,"name":21,"techniques":22},"CAPEC-102","Session Sidejacking",[],{"id":24,"name":25,"techniques":26},"CAPEC-474","Signature Spoofing by Key Theft",[27],{"id":28,"name":29,"tactics":30,"countermeasures":34},"T1552.004","Private Keys",[31],{"id":32,"name":33},"TA0031","Credential Access",[35,40,45,49,54,59,63,67,72],{"id":36,"name":37,"tactic":38},"D3-CCSA","Credential Compromise Scope Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-CR","Credential Revocation",{"name":44},"Evict",{"id":46,"name":47,"tactic":48},"D3-ANCI","Authentication Cache Invalidation",{"name":44},{"id":50,"name":51,"tactic":52},"D3-DUC","Decoy User Credential",{"name":53},"Deceive",{"id":55,"name":56,"tactic":57},"D3-CH","Credential Hardening",{"name":58},"Harden",{"id":60,"name":61,"tactic":62},"D3-MFA","Multi-factor Authentication",{"name":58},{"id":64,"name":65,"tactic":66},"D3-CRO","Credential Rotation",{"name":58},{"id":68,"name":69,"tactic":70},"D3-RIC","Reissue Credential",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CTS","Credential Transmission Scoping",{"name":76},"Isolate",{"id":78,"name":79,"techniques":80},"CAPEC-50","Password Recovery Exploitation",[],{"id":82,"name":83,"techniques":84},"CAPEC-509","Kerberoasting",[85],{"id":86,"name":83,"tactics":87,"countermeasures":89},"T1558.003",[88],{"id":32,"name":33},[90,94,98,102,106,110,114,118,122,124,128,130,132,134,136,138,140,144,148,150,154],{"id":91,"name":92,"tactic":93},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":39},{"id":95,"name":96,"tactic":97},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":39},{"id":99,"name":100,"tactic":101},"D3-CSPP","Client-server Payload Profiling",{"name":39},{"id":103,"name":104,"tactic":105},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":39},{"id":107,"name":108,"tactic":109},"D3-NTSA","Network Traffic Signature Analysis",{"name":39},{"id":111,"name":112,"tactic":113},"D3-APCA","Application Protocol Command Analysis",{"name":39},{"id":115,"name":116,"tactic":117},"D3-NTCD","Network Traffic Community Deviation",{"name":39},{"id":119,"name":120,"tactic":121},"D3-RTSD","Remote Terminal Session Detection",{"name":39},{"id":36,"name":37,"tactic":123},{"name":39},{"id":125,"name":126,"tactic":127},"D3-RTA","RPC Traffic Analysis",{"name":39},{"id":41,"name":42,"tactic":129},{"name":44},{"id":46,"name":47,"tactic":131},{"name":44},{"id":50,"name":51,"tactic":133},{"name":53},{"id":55,"name":56,"tactic":135},{"name":58},{"id":60,"name":61,"tactic":137},{"name":58},{"id":64,"name":65,"tactic":139},{"name":58},{"id":141,"name":142,"tactic":143},"D3-TB","Token Binding",{"name":58},{"id":145,"name":146,"tactic":147},"D3-TBA","Token-based Authentication",{"name":58},{"id":68,"name":69,"tactic":149},{"name":71},{"id":151,"name":152,"tactic":153},"D3-NTF","Network Traffic Filtering",{"name":76},{"id":73,"name":74,"tactic":155},{"name":76},{"id":157,"name":158,"techniques":159},"CAPEC-551","Modify Existing Service",[160],{"id":161,"name":162,"tactics":163,"countermeasures":170},"T1543","Create or Modify System Process",[164,167],{"id":165,"name":166},"TA0110","Persistence",{"id":168,"name":169},"TA0111","Privilege Escalation",[171,176,180,184,188,192,196,200,204,208,212,216,220,224,228],{"id":172,"name":173,"tactic":174},"D3-DI","Data Inventory",{"name":175},"Model",{"id":177,"name":178,"tactic":179},"D3-FA","File Analysis",{"name":39},{"id":181,"name":182,"tactic":183},"D3-FIM","File Integrity Monitoring",{"name":39},{"id":185,"name":186,"tactic":187},"D3-SFA","System File Analysis",{"name":39},{"id":189,"name":190,"tactic":191},"D3-FEV","File Eviction",{"name":44},{"id":193,"name":194,"tactic":195},"D3-DF","Decoy File",{"name":53},{"id":197,"name":198,"tactic":199},"D3-FE","File Encryption",{"name":58},{"id":201,"name":202,"tactic":203},"D3-SCP","System Configuration Permissions",{"name":58},{"id":205,"name":206,"tactic":207},"D3-RF","Restore File",{"name":71},{"id":209,"name":210,"tactic":211},"D3-RD","Restore Database",{"name":71},{"id":213,"name":214,"tactic":215},"D3-CF","Content Filtering",{"name":76},{"id":217,"name":218,"tactic":219},"D3-LFP","Local File Permissions",{"name":76},{"id":221,"name":222,"tactic":223},"D3-RFAM","Remote File Access Mediation",{"name":76},{"id":225,"name":226,"tactic":227},"D3-CQ","Content Quarantine",{"name":76},{"id":229,"name":230,"tactic":231},"D3-CM","Content Modification",{"name":76},{"id":233,"name":234,"techniques":235},"CAPEC-555","Remote Services with Stolen Credentials",[236,270,302],{"id":237,"name":238,"tactics":239,"countermeasures":243},"T1021","Remote Services",[240],{"id":241,"name":242},"TA0109","Lateral Movement",[244,246,248,250,252,254,256,258,260,264,268],{"id":91,"name":92,"tactic":245},{"name":39},{"id":95,"name":96,"tactic":247},{"name":39},{"id":99,"name":100,"tactic":249},{"name":39},{"id":103,"name":104,"tactic":251},{"name":39},{"id":107,"name":108,"tactic":253},{"name":39},{"id":111,"name":112,"tactic":255},{"name":39},{"id":115,"name":116,"tactic":257},{"name":39},{"id":119,"name":120,"tactic":259},{"name":39},{"id":261,"name":262,"tactic":263},"D3-CAA","Connection Attempt Analysis",{"name":39},{"id":265,"name":266,"tactic":267},"D3-ST","Session Termination",{"name":44},{"id":151,"name":152,"tactic":269},{"name":76},{"id":271,"name":272,"tactics":273,"countermeasures":277},"T1114.002","Remote Email Collection",[274],{"id":275,"name":276},"TA0100","Collection",[278,282,286,290,294,298],{"id":279,"name":280,"tactic":281},"D3-NNI","Network Node Inventory",{"name":175},{"id":283,"name":284,"tactic":285},"D3-PLM","Physical Link Mapping",{"name":175},{"id":287,"name":288,"tactic":289},"D3-LLM","Logical Link Mapping",{"name":175},{"id":291,"name":292,"tactic":293},"D3-EHB","Endpoint Health Beacon",{"name":39},{"id":295,"name":296,"tactic":297},"D3-ER","Email Removal",{"name":44},{"id":299,"name":300,"tactic":301},"D3-RNA","Restore Network Access",{"name":71},{"id":303,"name":304,"tactics":305,"countermeasures":310},"T1133","External Remote Services",[306,307],{"id":165,"name":166},{"id":308,"name":309},"TA0108","Initial Access",[311],{"id":265,"name":266,"tactic":312},{"name":44},{"id":314,"name":315,"techniques":316},"CAPEC-560","Use of Known Domain Credentials",[317],{"id":318,"name":319,"tactics":320,"countermeasures":330},"T1078","Valid Accounts",[321,324,327,328,329],{"id":322,"name":323},"TA0030","Defense Evasion",{"id":325,"name":326},"TA0005","Stealth",{"id":165,"name":166},{"id":168,"name":169},{"id":308,"name":309},[331,335,339,343,347,351,355,359,363],{"id":332,"name":333,"tactic":334},"D3-AM","Access Modeling",{"name":175},{"id":336,"name":337,"tactic":338},"D3-LAM","Local Account Monitoring",{"name":39},{"id":340,"name":341,"tactic":342},"D3-DAM","Domain Account Monitoring",{"name":39},{"id":344,"name":345,"tactic":346},"D3-AL","Account Locking",{"name":44},{"id":348,"name":349,"tactic":350},"D3-AA","Agent Authentication",{"name":58},{"id":352,"name":353,"tactic":354},"D3-CDP","Change Default Password",{"name":58},{"id":356,"name":357,"tactic":358},"D3-ULA","Unlock Account",{"name":71},{"id":360,"name":361,"tactic":362},"D3-RUAA","Restore User Account Access",{"name":71},{"id":364,"name":365,"tactic":366},"D3-UAP","User Account Permissions",{"name":76},{"id":368,"name":369,"techniques":370},"CAPEC-561","Windows Admin Shares with Stolen Credentials",[371],{"id":372,"name":373,"tactics":374,"countermeasures":376},"T1021.002","SMB/Windows Admin Shares",[375],{"id":241,"name":242},[377,379,381,383,385,387,389,391,393,395],{"id":91,"name":92,"tactic":378},{"name":39},{"id":95,"name":96,"tactic":380},{"name":39},{"id":99,"name":100,"tactic":382},{"name":39},{"id":103,"name":104,"tactic":384},{"name":39},{"id":107,"name":108,"tactic":386},{"name":39},{"id":111,"name":112,"tactic":388},{"name":39},{"id":115,"name":116,"tactic":390},{"name":39},{"id":119,"name":120,"tactic":392},{"name":39},{"id":261,"name":262,"tactic":394},{"name":39},{"id":151,"name":152,"tactic":396},{"name":76},{"id":398,"name":399,"techniques":400},"CAPEC-600","Credential Stuffing",[401],{"id":402,"name":399,"tactics":403,"countermeasures":405},"T1110.004",[404],{"id":32,"name":33},[406,410,414,416,418,420,422,424,426,428,430,432,436],{"id":407,"name":408,"tactic":409},"D3-AEM","Application Exception Monitoring",{"name":39},{"id":411,"name":412,"tactic":413},"D3-OPM","Operational Process Monitoring",{"name":39},{"id":91,"name":92,"tactic":415},{"name":39},{"id":95,"name":96,"tactic":417},{"name":39},{"id":99,"name":100,"tactic":419},{"name":39},{"id":103,"name":104,"tactic":421},{"name":39},{"id":107,"name":108,"tactic":423},{"name":39},{"id":111,"name":112,"tactic":425},{"name":39},{"id":115,"name":116,"tactic":427},{"name":39},{"id":119,"name":120,"tactic":429},{"name":39},{"id":261,"name":262,"tactic":431},{"name":39},{"id":433,"name":434,"tactic":435},"D3-ANAA","Administrative Network Activity Analysis",{"name":39},{"id":151,"name":152,"tactic":437},{"name":76},{"id":439,"name":440,"techniques":441},"CAPEC-644","Use of Captured Hashes (Pass The Hash)",[442],{"id":443,"name":444,"tactics":445,"countermeasures":448},"T1550.002","Pass the Hash",[446,447],{"id":322,"name":323},{"id":241,"name":242},[449,453,457,461,465,469,473,477,481,485,489,493],{"id":450,"name":451,"tactic":452},"D3-PLA","Process Lineage Analysis",{"name":39},{"id":454,"name":455,"tactic":456},"D3-PSMD","Process Self-Modification Detection",{"name":39},{"id":458,"name":459,"tactic":460},"D3-PSA","Process Spawn Analysis",{"name":39},{"id":462,"name":463,"tactic":464},"D3-PT","Process Termination",{"name":44},{"id":466,"name":467,"tactic":468},"D3-PS","Process Suspension",{"name":44},{"id":470,"name":471,"tactic":472},"D3-HR","Host Reboot",{"name":44},{"id":474,"name":475,"tactic":476},"D3-HS","Host Shutdown",{"name":44},{"id":478,"name":479,"tactic":480},"D3-KBPI","Kernel-based Process Isolation",{"name":76},{"id":482,"name":483,"tactic":484},"D3-SCF","System Call Filtering",{"name":76},{"id":486,"name":487,"tactic":488},"D3-HBPI","Hardware-based Process Isolation",{"name":76},{"id":490,"name":491,"tactic":492},"D3-ABPI","Application-based Process Isolation",{"name":76},{"id":494,"name":495,"tactic":496},"D3-WSAM","Web Session Access Mediation",{"name":76},{"id":498,"name":499,"techniques":500},"CAPEC-645","Use of Captured Tickets (Pass The Ticket)",[501],{"id":502,"name":503,"tactics":504,"countermeasures":507},"T1550.003","Pass the Ticket",[505,506],{"id":322,"name":323},{"id":241,"name":242},[508,510,512,514,516,518,520,522,524,526,528,530],{"id":450,"name":451,"tactic":509},{"name":39},{"id":454,"name":455,"tactic":511},{"name":39},{"id":458,"name":459,"tactic":513},{"name":39},{"id":462,"name":463,"tactic":515},{"name":44},{"id":466,"name":467,"tactic":517},{"name":44},{"id":470,"name":471,"tactic":519},{"name":44},{"id":474,"name":475,"tactic":521},{"name":44},{"id":478,"name":479,"tactic":523},{"name":76},{"id":482,"name":483,"tactic":525},{"name":76},{"id":486,"name":487,"tactic":527},{"name":76},{"id":490,"name":491,"tactic":529},{"name":76},{"id":494,"name":495,"tactic":531},{"name":76},{"id":533,"name":534,"techniques":535},"CAPEC-652","Use of Known Kerberos Credentials",[536],{"id":537,"name":538,"tactics":539,"countermeasures":541},"T1558","Steal or Forge Kerberos Tickets",[540],{"id":32,"name":33},[542,544,546,548,550,552,554,556,558,560,562,564,566,568,570,572,574,576,578,580,582],{"id":91,"name":92,"tactic":543},{"name":39},{"id":95,"name":96,"tactic":545},{"name":39},{"id":99,"name":100,"tactic":547},{"name":39},{"id":103,"name":104,"tactic":549},{"name":39},{"id":107,"name":108,"tactic":551},{"name":39},{"id":111,"name":112,"tactic":553},{"name":39},{"id":115,"name":116,"tactic":555},{"name":39},{"id":119,"name":120,"tactic":557},{"name":39},{"id":36,"name":37,"tactic":559},{"name":39},{"id":125,"name":126,"tactic":561},{"name":39},{"id":41,"name":42,"tactic":563},{"name":44},{"id":46,"name":47,"tactic":565},{"name":44},{"id":50,"name":51,"tactic":567},{"name":53},{"id":55,"name":56,"tactic":569},{"name":58},{"id":60,"name":61,"tactic":571},{"name":58},{"id":64,"name":65,"tactic":573},{"name":58},{"id":141,"name":142,"tactic":575},{"name":58},{"id":145,"name":146,"tactic":577},{"name":58},{"id":68,"name":69,"tactic":579},{"name":71},{"id":151,"name":152,"tactic":581},{"name":76},{"id":73,"name":74,"tactic":583},{"name":76},{"id":585,"name":586,"techniques":587},"CAPEC-653","Use of Known Operating System Credentials",[],{"_key":589,"id":589,"name":590,"description":591,"type":15,"status":592,"abstraction":17,"likelihood_of_exploit":9,"capec":593},"CWE-172","Encoding Error","The product does not properly encode or decode the data, resulting in unexpected values.","Draft",[594,598,647,651,655,659,663,667,671,675],{"id":595,"name":596,"techniques":597},"CAPEC-120","Double Encoding",[],{"id":599,"name":600,"techniques":601},"CAPEC-267","Leverage Alternate Encoding",[602],{"id":603,"name":604,"tactics":605,"countermeasures":608},"T1027","Obfuscated Files or Information",[606,607],{"id":322,"name":323},{"id":325,"name":326},[609,611,613,617,621,623,625,627,629,631,633,635,637,639,643],{"id":177,"name":178,"tactic":610},{"name":39},{"id":181,"name":182,"tactic":612},{"name":39},{"id":614,"name":615,"tactic":616},"D3-DA","Dynamic Analysis",{"name":39},{"id":618,"name":619,"tactic":620},"D3-EFA","Emulated File Analysis",{"name":39},{"id":189,"name":190,"tactic":622},{"name":44},{"id":193,"name":194,"tactic":624},{"name":53},{"id":197,"name":198,"tactic":626},{"name":58},{"id":205,"name":206,"tactic":628},{"name":71},{"id":213,"name":214,"tactic":630},{"name":76},{"id":217,"name":218,"tactic":632},{"name":76},{"id":221,"name":222,"tactic":634},{"name":76},{"id":225,"name":226,"tactic":636},{"name":76},{"id":229,"name":230,"tactic":638},{"name":76},{"id":640,"name":641,"tactic":642},"D3-EAL","Executable Allowlisting",{"name":76},{"id":644,"name":645,"tactic":646},"D3-EDL","Executable Denylisting",{"name":76},{"id":648,"name":649,"techniques":650},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":652,"name":653,"techniques":654},"CAPEC-52","Embedding NULL Bytes",[],{"id":656,"name":657,"techniques":658},"CAPEC-53","Postfix, Null Terminate, and Backslash",[],{"id":660,"name":661,"techniques":662},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":664,"name":665,"techniques":666},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":668,"name":669,"techniques":670},"CAPEC-72","URL Encoding",[],{"id":672,"name":673,"techniques":674},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":676,"name":677,"techniques":678},"CAPEC-80","Using UTF-8 Encoding to Bypass Validation Logic",[],[],[],[],[683,685,687,689,691,693,695,697,699,701,703,705,707,709,711,713,715,717,719,721,723,725,727,729],{"_key":684},"SUSE-SU-2019:14142-1",{"_key":686},"SUSE-SU-2020:0234-1",{"_key":688},"OPENSUSE-SU-2024:11202-1",{"_key":690},"SUSE-SU-2019:14246-1",{"_key":692},"SUSE-SU-2019:2050-1",{"_key":694},"SUSE-SU-2019:2053-1",{"_key":696},"SUSE-SU-2019:2053-2",{"_key":698},"SUSE-SU-2019:2064-1",{"_key":700},"SUSE-SU-2019:2091-1",{"_key":702},"SUSE-SU-2020:0114-1",{"_key":704},"SUSE-SU-2020:0302-1",{"_key":706},"OPENSUSE-SU-2019:1906-1",{"_key":708},"OPENSUSE-SU-2020:0086-1",{"_key":710},"OPENSUSE-SU-2024:11284-1",{"_key":712},"RHSA-2019:1587",{"_key":714},"RHSA-2019:1700",{"_key":716},"DLA-2280-1",{"_key":718},"MGASA-2019-0318",{"_key":720},"UBUNTU-CVE-2019-10160",{"_key":722},"USN-4127-1",{"_key":724},"USN-4127-2",{"_key":726},"DEBIAN-CVE-2019-10160",{"_key":728},"RHSA-2019:2437",{"_key":730},"USN-6891-1",[],[733,734,735,736,737,738,739,740,741,742,743,744,745,746,747],{"_key":684},{"_key":686},{"_key":688},{"_key":718},{"_key":690},{"_key":692},{"_key":694},{"_key":696},{"_key":698},{"_key":700},{"_key":702},{"_key":704},{"_key":706},{"_key":708},{"_key":710},"2019-06-07T17:50:33.000Z","2024-08-04T22:10:10.028Z","Modified",{"cisa_kev":752,"cisa_ransomware":752,"cisa_vendor":9,"epss_severity":753,"epss_score":754,"severity":755,"severity_score":756,"severity_version":757,"severity_source":758,"severity_vector":759,"severity_status":750},false,"low",0.01472,"critical",9.8,"v3.0","cve.org","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[761,769,775,779,783,787,791,795,801,807,811,816,820,824,828,832,837,842,846,850,854,858,862,866,870,874,878,882],{"url":762,"sources":763,"tags":765},"https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization2.html",[758,764],"nvd",[766,767,768],"X Refsource MISC","Patch","Third Party Advisory",{"url":770,"sources":771,"tags":772},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10160",[758,764],[773,774,767,768],"X Refsource CONFIRM","Issue Tracking",{"url":776,"sources":777,"tags":778},"https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e",[758,764],[773,767,768],{"url":780,"sources":781,"tags":782},"https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de",[758,764],[773,767,768],{"url":784,"sources":785,"tags":786},"https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09",[758,764],[773,767,768],{"url":788,"sources":789,"tags":790},"https://github.com/python/cpython/commit/fd1771dbdd28709716bd531580c40ae5ed814468",[758,764],[773,767,768],{"url":792,"sources":793,"tags":794},"https://security.netapp.com/advisory/ntap-20190617-0003/",[758,764],[773,768],{"url":796,"sources":797,"tags":798},"https://access.redhat.com/errata/RHSA-2019:1587",[758,764],[799,800,768],"Vendor Advisory","X Refsource REDHAT",{"url":802,"sources":803,"tags":804},"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html",[758,764],[805,806,768],"Mailing List","X Refsource MLIST",{"url":808,"sources":809,"tags":810},"https://access.redhat.com/errata/RHSA-2019:1700",[758,764],[799,800,768],{"url":812,"sources":813,"tags":814},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/",[758,764],[799,815],"X Refsource FEDORA",{"url":817,"sources":818,"tags":819},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/",[758,764],[799,815],{"url":821,"sources":822,"tags":823},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/",[758,764],[799,815],{"url":825,"sources":826,"tags":827},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/",[758,764],[799,815],{"url":829,"sources":830,"tags":831},"https://access.redhat.com/errata/RHSA-2019:2437",[758,764],[799,800,768],{"url":833,"sources":834,"tags":835},"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html",[758,764],[799,836,805,768],"X Refsource SUSE",{"url":838,"sources":839,"tags":840},"https://usn.ubuntu.com/4127-2/",[758,764],[799,841,768],"X Refsource UBUNTU",{"url":843,"sources":844,"tags":845},"https://usn.ubuntu.com/4127-1/",[758,764],[799,841,768],{"url":847,"sources":848,"tags":849},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/",[758,764],[799,815],{"url":851,"sources":852,"tags":853},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/",[758,764],[799,815],{"url":855,"sources":856,"tags":857},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/",[758,764],[799,815],{"url":859,"sources":860,"tags":861},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/",[758,764],[799,815],{"url":863,"sources":864,"tags":865},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/",[758,764],[799,815],{"url":867,"sources":868,"tags":869},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/",[758,764],[799,815],{"url":871,"sources":872,"tags":873},"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html",[758,764],[799,836,805,768],{"url":875,"sources":876,"tags":877},"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html",[758,764],[805,806,768],{"url":879,"sources":880,"tags":881},"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E",[758,764],[805,806],{"url":883,"sources":884,"tags":885},"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html",[758,764],[805,806,768],[],{"date":888,"score":754,"percentile":889},"2026-06-04",0.81276,[891,895,898,901,904,907,910,913,916,919,922,925,928,930,933,937,940,943,947,951,954,957,960,962,965,968,971,974,977,980,983,986,989,992,995,998,1001,1004,1007,1010,1012,1015,1018,1021,1024,1027,1030,1033,1036,1039,1041,1044,1047,1050,1054,1057,1060,1063,1065,1068,1071,1074,1077,1080,1083,1085,1088,1090,1092,1095,1097,1100,1103,1106,1109,1111,1114,1117,1119,1121,1124,1127,1130,1133,1136,1139,1142,1144,1146,1149],{"date":892,"score":893,"percentile":894},"2025-11-04",0.01797,0.82161,{"date":896,"score":893,"percentile":897},"2025-11-05",0.82163,{"date":899,"score":893,"percentile":900},"2025-11-06",0.82166,{"date":902,"score":893,"percentile":903},"2025-11-07",0.82176,{"date":905,"score":893,"percentile":906},"2025-11-08",0.82183,{"date":908,"score":893,"percentile":909},"2025-11-09",0.82178,{"date":911,"score":893,"percentile":912},"2025-11-10",0.82171,{"date":914,"score":893,"percentile":915},"2025-11-11",0.82179,{"date":917,"score":893,"percentile":918},"2025-11-12",0.8219,{"date":920,"score":893,"percentile":921},"2025-11-13",0.82194,{"date":923,"score":893,"percentile":924},"2025-11-14",0.82198,{"date":926,"score":893,"percentile":927},"2025-11-15",0.82192,{"date":929,"score":893,"percentile":921},"2025-11-16",{"date":931,"score":893,"percentile":932},"2025-11-17",0.82191,{"date":934,"score":935,"percentile":936},"2025-11-18",0.01608,0.80226,{"date":938,"score":935,"percentile":939},"2025-11-19",0.80229,{"date":941,"score":935,"percentile":942},"2025-11-20",0.80237,{"date":944,"score":945,"percentile":946},"2025-11-21",0.01335,0.79389,{"date":948,"score":949,"percentile":950},"2025-11-22",0.01846,0.8243,{"date":952,"score":949,"percentile":953},"2025-11-23",0.82423,{"date":955,"score":949,"percentile":956},"2025-11-24",0.82422,{"date":958,"score":949,"percentile":959},"2025-11-25",0.82419,{"date":961,"score":949,"percentile":959},"2025-11-26",{"date":963,"score":949,"percentile":964},"2025-11-27",0.82421,{"date":966,"score":949,"percentile":967},"2025-11-28",0.82408,{"date":969,"score":949,"percentile":970},"2025-11-29",0.82413,{"date":972,"score":949,"percentile":973},"2025-11-30",0.82418,{"date":975,"score":949,"percentile":976},"2025-12-01",0.82491,{"date":978,"score":949,"percentile":979},"2025-12-02",0.82493,{"date":981,"score":949,"percentile":982},"2025-12-03",0.82492,{"date":984,"score":949,"percentile":985},"2025-12-04",0.82414,{"date":987,"score":893,"percentile":988},"2025-12-05",0.82209,{"date":990,"score":893,"percentile":991},"2025-12-06",0.82205,{"date":993,"score":893,"percentile":994},"2025-12-07",0.82204,{"date":996,"score":893,"percentile":997},"2025-12-08",0.82206,{"date":999,"score":893,"percentile":1000},"2025-12-09",0.82222,{"date":1002,"score":893,"percentile":1003},"2025-12-10",0.82247,{"date":1005,"score":893,"percentile":1006},"2025-12-11",0.82264,{"date":1008,"score":893,"percentile":1009},"2025-12-12",0.82274,{"date":1011,"score":893,"percentile":1009},"2025-12-13",{"date":1013,"score":893,"percentile":1014},"2025-12-14",0.8227,{"date":1016,"score":893,"percentile":1017},"2025-12-15",0.82268,{"date":1019,"score":893,"percentile":1020},"2025-12-16",0.82279,{"date":1022,"score":893,"percentile":1023},"2025-12-17",0.82285,{"date":1025,"score":949,"percentile":1026},"2025-12-18",0.82503,{"date":1028,"score":949,"percentile":1029},"2025-12-19",0.82507,{"date":1031,"score":949,"percentile":1032},"2025-12-20",0.82501,{"date":1034,"score":949,"percentile":1035},"2025-12-21",0.82499,{"date":1037,"score":949,"percentile":1038},"2025-12-22",0.82502,{"date":1040,"score":949,"percentile":1029},"2025-12-23",{"date":1042,"score":893,"percentile":1043},"2025-12-24",0.8231,{"date":1045,"score":893,"percentile":1046},"2025-12-25",0.82325,{"date":1048,"score":893,"percentile":1049},"2025-12-26",0.82326,{"date":1051,"score":1052,"percentile":1053},"2025-12-27",0.02171,0.8392,{"date":1055,"score":893,"percentile":1056},"2025-12-28",0.82311,{"date":1058,"score":893,"percentile":1059},"2025-12-29",0.82305,{"date":1061,"score":893,"percentile":1062},"2025-12-30",0.82313,{"date":1064,"score":893,"percentile":1049},"2025-12-31",{"date":1066,"score":893,"percentile":1067},"2026-01-01",0.82395,{"date":1069,"score":893,"percentile":1070},"2026-01-02",0.82391,{"date":1072,"score":893,"percentile":1073},"2026-01-03",0.82385,{"date":1075,"score":893,"percentile":1076},"2026-01-04",0.82304,{"date":1078,"score":893,"percentile":1079},"2026-01-05",0.82298,{"date":1081,"score":893,"percentile":1082},"2026-01-06",0.82303,{"date":1084,"score":893,"percentile":1076},"2026-01-07",{"date":1086,"score":893,"percentile":1087},"2026-01-08",0.82309,{"date":1089,"score":893,"percentile":1087},"2026-01-09",{"date":1091,"score":893,"percentile":1087},"2026-01-10",{"date":1093,"score":893,"percentile":1094},"2026-01-11",0.82306,{"date":1096,"score":893,"percentile":1079},"2026-01-12",{"date":1098,"score":893,"percentile":1099},"2026-01-13",0.82295,{"date":1101,"score":893,"percentile":1102},"2026-01-14",0.82315,{"date":1104,"score":893,"percentile":1105},"2026-01-15",0.82312,{"date":1107,"score":893,"percentile":1108},"2026-01-16",0.82322,{"date":1110,"score":893,"percentile":1046},"2026-01-17",{"date":1112,"score":893,"percentile":1113},"2026-01-18",0.82323,{"date":1115,"score":893,"percentile":1116},"2026-01-19",0.82319,{"date":1118,"score":893,"percentile":1116},"2026-01-20",{"date":1120,"score":893,"percentile":1046},"2026-01-21",{"date":1122,"score":893,"percentile":1123},"2026-01-22",0.82333,{"date":1125,"score":893,"percentile":1126},"2026-01-23",0.82352,{"date":1128,"score":893,"percentile":1129},"2026-01-24",0.82358,{"date":1131,"score":893,"percentile":1132},"2026-01-25",0.82351,{"date":1134,"score":893,"percentile":1135},"2026-01-26",0.82348,{"date":1137,"score":893,"percentile":1138},"2026-01-27",0.82346,{"date":1140,"score":893,"percentile":1141},"2026-01-28",0.8235,{"date":1143,"score":893,"percentile":1132},"2026-01-29",{"date":1145,"score":893,"percentile":1129},"2026-01-30",{"date":1147,"score":893,"percentile":1148},"2026-01-31",0.82363,{"date":1150,"score":893,"percentile":1151},"2026-02-01",0.82439,[1153,1157],{"source":758,"cvss_v2_0":9,"cvss_v3_0":1154,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":756,"baseSeverity":1155,"vectorString":759,"impactScore":756,"exploitabilityScore":1156},"CRITICAL",10,{"source":764,"cvss_v2_0":1158,"cvss_v3_0":1162,"cvss_v3_1":1163,"cvss_v4_0":9},{"baseScore":1159,"baseSeverity":9,"vectorString":1160,"impactScore":1161,"exploitabilityScore":1156},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,{"baseScore":756,"baseSeverity":1155,"vectorString":759,"impactScore":756,"exploitabilityScore":1156},{"baseScore":756,"baseSeverity":1155,"vectorString":1164,"impactScore":756,"exploitabilityScore":1156},"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[1166,1183,1192,1202,1210,1215,1223,1251,1258,1264,1269,1274,1279,1284],{"ecosystem":9,"name":1167,"vendor":1168,"product":1169,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1171},"ubuntu linux","canonical","ubuntu_linux","o",[1172,1175,1177,1179,1181],{"version":1173,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":1176,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":1178,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":1180,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":1182,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.04",{"ecosystem":9,"name":1184,"vendor":1185,"product":1186,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1187},"debian linux","debian","debian_linux",[1188,1190],{"version":1189,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":1191,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":1193,"vendor":1194,"product":1193,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1195},"fedora","fedoraproject",[1196,1198,1200],{"version":1197,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"version":1199,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"version":1201,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"ecosystem":9,"name":1203,"vendor":1204,"product":1205,"cpe_part":1206,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1207},"cloud backup","netapp","cloud_backup","a",[1208],{"version":1209,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":1211,"vendor":1204,"product":1212,"cpe_part":1206,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1213},"converged systems advisor agent","converged_systems_advisor_agent",[1214],{"version":1209,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":1216,"vendor":1217,"product":1216,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1218},"leap","opensuse",[1219,1221],{"version":1220,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":1222,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"ecosystem":9,"name":1224,"vendor":1224,"product":1224,"cpe_part":1206,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1225},"python",[1226,1233,1237,1241,1245,1247,1249],{"version":1227,"is_range":1228,"range_type":1174,"version_start":1229,"version_start_type":1230,"version_end":1231,"version_end_type":1232,"fixed_in":9},"gte2.7.0_lt2.7.17",true,"2.7.0","including","2.7.17","excluding",{"version":1234,"is_range":1228,"range_type":1174,"version_start":1235,"version_start_type":1230,"version_end":1236,"version_end_type":1232,"fixed_in":9},"gte3.5.0_lt3.5.8","3.5.0","3.5.8",{"version":1238,"is_range":1228,"range_type":1174,"version_start":1239,"version_start_type":1230,"version_end":1240,"version_end_type":1232,"fixed_in":9},"gte3.6.0_lt3.6.9","3.6.0","3.6.9",{"version":1242,"is_range":1228,"range_type":1174,"version_start":1243,"version_start_type":1230,"version_end":1244,"version_end_type":1232,"fixed_in":9},"gte3.7.0_lt3.7.4","3.7.0","3.7.4",{"version":1246,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.8.0:alpha4",{"version":1248,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.8.0:beta1",{"version":1250,"is_range":752,"range_type":758,"version_start":1250,"version_start_type":1230,"version_end":1250,"version_end_type":1230,"fixed_in":9},"affects 2.7, 3.5, 3.6, 3.7, >= v3.8.0a4 and \u003C v3.8.0b1",{"ecosystem":9,"name":1252,"vendor":1253,"product":1254,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1255},"enterprise linux desktop","redhat","enterprise_linux_desktop",[1256],{"version":1257,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":1259,"vendor":1253,"product":1260,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1261},"enterprise linux eus","enterprise_linux_eus",[1262],{"version":1263,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":1265,"vendor":1253,"product":1266,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1267},"enterprise linux server","enterprise_linux_server",[1268],{"version":1257,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":1270,"vendor":1253,"product":1271,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1272},"enterprise linux server aus","enterprise_linux_server_aus",[1273],{"version":1263,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":1275,"vendor":1253,"product":1276,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1277},"enterprise linux server tus","enterprise_linux_server_tus",[1278],{"version":1263,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":1280,"vendor":1253,"product":1281,"cpe_part":1170,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1282},"enterprise linux workstation","enterprise_linux_workstation",[1283],{"version":1257,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":1285,"vendor":1253,"product":1285,"cpe_part":1206,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1286},"virtualization",[1287],{"version":1288,"is_range":752,"range_type":1174,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0"]