{"id":"UBUNTU-CVE-2022-31129","details":"moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.","modified":"2026-05-27T10:16:11.614158182Z","published":"2022-07-06T18:15:00Z","related":["USN-5559-1","USN-6550-1"],"upstream":["CVE-2022-31129"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-31129"},{"type":"REPORT","url":"https://github.com/moment/moment/pull/6015#issuecomment-1152961973"},{"type":"REPORT","url":"https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5559-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6550-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2022-31129"}],"affected":[{"package":{"name":"gnucash","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:2.6.6-2ubuntu2","1:2.6.9-1ubuntu1","1:2.6.12-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.6.12-1","binary_name":"gnucash"},{"binary_version":"1:2.6.12-1","binary_name":"gnucash-common"},{"binary_version":"1:2.6.12-1","binary_name":"python-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"node-moment","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/node-moment?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.10.6+dfsg-1","2.11.0+ds-1","2.11.0+ds-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.11.0+ds-1ubuntu0.1~esm1","binary_name":"libjs-moment"},{"binary_version":"2.11.0+ds-1ubuntu0.1~esm1","binary_name":"node-moment"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.2.1+dfsg1-2ubuntu1","2.0+dfsg1-1","2.2+dfsg1-1","2.2+dfsg1-1build1","2.2+dfsg1-1ubuntu0.1~esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.2+dfsg1-1ubuntu0.1~esm2","binary_name":"ntopng"},{"binary_version":"2.2+dfsg1-1ubuntu0.1~esm2","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.7.20-1","0.7.20+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus"},{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus-theme-classic"},{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus-theme-iphone"},{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus-theme-mobile"},{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus-theme-plush"},{"binary_version":"0.7.20+dfsg-1","binary_name":"sabnzbdplus-theme-smpl"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.3+dfsg-1","4.3.1+dfsg-1","4.4+dfsg-1","4.4.1+dfsg-1","4.4.2+dfsg-1","4.4.2+dfsg-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.4.2+dfsg-1ubuntu1","binary_name":"wordpress"},{"binary_version":"4.4.2+dfsg-1ubuntu1","binary_name":"wordpress-l10n"},{"binary_version":"4.4.2+dfsg-1ubuntu1","binary_name":"wordpress-theme-twentyfifteen"},{"binary_version":"4.4.2+dfsg-1ubuntu1","binary_name":"wordpress-theme-twentyfourteen"},{"binary_version":"4.4.2+dfsg-1ubuntu1","binary_name":"wordpress-theme-twentysixteen"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"node-moment","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/node-moment?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.20.1+ds-1ubuntu0.1"}]}],"versions":["2.18.1+ds-1","2.19.1+ds-1","2.19.2+ds-1","2.19.3+ds-1","2.19.4+ds-1","2.20.1+ds-1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.20.1+ds-1ubuntu0.1","binary_name":"libjs-moment"},{"binary_version":"2.20.1+ds-1ubuntu0.1","binary_name":"node-moment"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:2.6.17-1ubuntu1","1:2.6.18-1","1:2.6.19-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.6.19-1","binary_name":"gnucash"},{"binary_version":"1:2.6.19-1","binary_name":"gnucash-common"},{"binary_version":"1:2.6.19-1","binary_name":"python-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.27.3-1","1:1.27.4-1","1:1.27.4-2","1:1.27.4-3"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.27.4-3","binary_name":"mediawiki"},{"binary_version":"1:1.27.4-3","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4+dfsg1-3","2.4+dfsg1-4","3.2+dfsg1-1","3.2+dfsg1-1ubuntu0.1~esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.2+dfsg1-1ubuntu0.1~esm2","binary_name":"ntopng"},{"binary_version":"3.2+dfsg1-1ubuntu0.1~esm2","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.1.1+dfsg-1","2.3.1+dfsg-1","2.3.2+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.3.2+dfsg-1","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.14.36+ds1-1","0.14.38+ds1-1","0.14.43+ds1-5","0.14.43+ds1-6"],"ecosystem_specific":{"binaries":[{"binary_version":"0.14.43+ds1-6","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"0.14.43+ds1-6","binary_name":"syncthing"},{"binary_version":"0.14.43+ds1-6","binary_name":"syncthing-discosrv"},{"binary_version":"0.14.43+ds1-6","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.8.2+dfsg-2","4.8.3+dfsg-1","4.9.1+dfsg-1","4.9.2+dfsg-1","4.9.4+dfsg-1","4.9.5+dfsg1-1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.9.5+dfsg1-1","binary_name":"wordpress"},{"binary_version":"4.9.5+dfsg1-1","binary_name":"wordpress-l10n"},{"binary_version":"4.9.5+dfsg1-1","binary_name":"wordpress-theme-twentyfifteen"},{"binary_version":"4.9.5+dfsg1-1","binary_name":"wordpress-theme-twentyseventeen"},{"binary_version":"4.9.5+dfsg1-1","binary_name":"wordpress-theme-twentysixteen"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"node-moment","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/node-moment?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.24.0+ds-2ubuntu0.1"}]}],"versions":["2.24.0+ds-1","2.24.0+ds-2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.24.0+ds-2ubuntu0.1","binary_name":"libjs-moment"},{"binary_version":"2.24.0+ds-2ubuntu0.1","binary_name":"node-moment"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:3.7-1ubuntu1","1:3.7-1ubuntu2","1:3.7-2ubuntu1","1:3.8b-1","1:3.8b-1build2","1:3.8b-1build3","1:3.8b-1build4","1:3.8b-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:3.8b-1ubuntu1","binary_name":"gnucash"},{"binary_version":"1:3.8b-1ubuntu1","binary_name":"gnucash-common"},{"binary_version":"1:3.8b-1ubuntu1","binary_name":"python3-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=esm-apps%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.31.2-1ubuntu1","1:1.31.5-1","1:1.31.5-1ubuntu1","1:1.31.5-2","1:1.31.5-3","1:1.31.5-3ubuntu1","1:1.31.6-1","1:1.31.7-1","1:1.31.7-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.31.7-1ubuntu0.1~esm1","binary_name":"mediawiki"},{"binary_version":"1:1.31.7-1ubuntu0.1~esm1","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.8+dfsg1-2.1build3"],"ecosystem_specific":{"binaries":[{"binary_version":"3.8+dfsg1-2.1build3","binary_name":"ntopng"},{"binary_version":"3.8+dfsg1-2.1build3","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"omnidb","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/omnidb?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.16.0+ds-2","2.16.0+ds-2build1","2.16.0+ds-3","2.16.0+ds-4","2.16.0+ds-4build1","2.17.0+ds-1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.17.0+ds-1","binary_name":"omnidb-common"},{"binary_version":"2.17.0+ds-1","binary_name":"omnidb-server"},{"binary_version":"2.17.0+ds-1","binary_name":"postgresql-12-omnidb"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ruby-momentjs-rails","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/ruby-momentjs-rails?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.20.1-2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.20.1-2","binary_name":"ruby-momentjs-rails"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.3.6+dfsg-1","2.3.6+dfsg-1build1","2.3.6+dfsg-1ubuntu1","3.0.0~0git20200408+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.0~0git20200408+dfsg-1","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.1.4~ds1-4","1.1.4~ds1-4ubuntu1","1.1.4~ds1-4ubuntu1.1","1.1.4~ds1-4ubuntu1.2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.1.4~ds1-4ubuntu1.2","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"1.1.4~ds1-4ubuntu1.2","binary_name":"syncthing"},{"binary_version":"1.1.4~ds1-4ubuntu1.2","binary_name":"syncthing-discosrv"},{"binary_version":"1.1.4~ds1-4ubuntu1.2","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.2.2+dfsg1-1","5.2.4+dfsg1-1","5.3.2+dfsg1-1","5.3.2+dfsg1-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.3.2+dfsg1-1ubuntu1","binary_name":"wordpress"},{"binary_version":"5.3.2+dfsg1-1ubuntu1","binary_name":"wordpress-l10n"},{"binary_version":"5.3.2+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentynineteen"},{"binary_version":"5.3.2+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentyseventeen"},{"binary_version":"5.3.2+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentysixteen"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:4.4-1ubuntu1","1:4.8-1build2"],"ecosystem_specific":{"binaries":[{"binary_version":"1:4.8-1build2","binary_name":"gnucash"},{"binary_version":"1:4.8-1build2","binary_name":"gnucash-common"},{"binary_version":"1:4.8-1build2","binary_name":"python3-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"node-moment","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/node-moment?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.29.1+ds-3ubuntu0.2"}]}],"versions":["2.29.1+ds-2","2.29.1+ds-3"],"ecosystem_specific":{"binaries":[{"binary_version":"2.29.1+ds-3ubuntu0.2","binary_name":"libjs-moment"},{"binary_version":"2.29.1+ds-3ubuntu0.2","binary_name":"node-moment"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.2.1+dfsg1-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.2.1+dfsg1-1","binary_name":"ntopng"},{"binary_version":"5.2.1+dfsg1-1","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"odoo","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/odoo?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["14.0.0+dfsg.2-7","14.0.0+dfsg.3-1"],"ecosystem_specific":{"binaries":[{"binary_version":"14.0.0+dfsg.3-1","binary_name":"odoo-14"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"omnidb","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/omnidb?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.3b+ds-2","3.0.3b+ds-2build1","3.0.3b+ds-3"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.3b+ds-3","binary_name":"omnidb-common"},{"binary_version":"3.0.3b+ds-3","binary_name":"omnidb-server"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ruby-momentjs-rails","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/ruby-momentjs-rails?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.20.1-2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.20.1-2","binary_name":"ruby-momentjs-rails"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.2.1+dfsg-1","3.4.2+dfsg-1","3.4.2+dfsg-2","3.5.0+dfsg-1","3.5.0+dfsg-2","3.5.1+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.5.1+dfsg-1","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.7.1+dfsg1-2ubuntu1","5.8.1+dfsg1-2ubuntu1","5.8.2+dfsg1-1ubuntu1","5.8.3+dfsg1-1ubuntu1","5.8.3+dfsg1-1ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.8.3+dfsg1-1ubuntu1.1","binary_name":"wordpress"},{"binary_version":"5.8.3+dfsg1-1ubuntu1.1","binary_name":"wordpress-l10n"},{"binary_version":"5.8.3+dfsg1-1ubuntu1.1","binary_name":"wordpress-theme-twentynineteen"},{"binary_version":"5.8.3+dfsg1-1ubuntu1.1","binary_name":"wordpress-theme-twentytwenty"},{"binary_version":"5.8.3+dfsg1-1ubuntu1.1","binary_name":"wordpress-theme-twentytwentyone"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.35.3-1","1:1.35.4-1","1:1.35.5-1","1:1.35.5-1ubuntu1","1:1.35.5-1ubuntu2","1:1.35.5-1ubuntu3","1:1.35.6-1","1:1.35.6-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.35.6-1ubuntu0.1~esm1","binary_name":"mediawiki"},{"binary_version":"1:1.35.6-1ubuntu0.1~esm1","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.10-2ubuntu0.1~esm1"}]}],"versions":["3.3.7-1","3.3.10-2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.3.10-2ubuntu0.1~esm1","binary_name":"postfixadmin"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.12.1~ds1-4","1.18.0~ds1-3","1.18.0~ds1-3ubuntu0.1","1.18.0~ds1-3ubuntu0.2","1.18.0~ds1-3ubuntu0.3","1.18.0~ds1-3ubuntu0.3+esm1","1.18.0~ds1-3ubuntu0.3+esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.18.0~ds1-3ubuntu0.3+esm2","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"1.18.0~ds1-3ubuntu0.3+esm2","binary_name":"syncthing"},{"binary_version":"1.18.0~ds1-3ubuntu0.3+esm2","binary_name":"syncthing-discosrv"},{"binary_version":"1.18.0~ds1-3ubuntu0.3+esm2","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.3-1","1:5.4-2","1:5.4-2build1","1:5.5-1","1:5.5-1ubuntu1","1:5.5-1.1","1:5.5-1.2","1:5.5-1.2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:5.5-1.2build1","binary_name":"gnucash"},{"binary_version":"1:5.5-1.2build1","binary_name":"gnucash-common"},{"binary_version":"1:5.5-1.2build1","binary_name":"python3-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.2.1+dfsg1-1","5.2.1+dfsg1-1ubuntu1","5.2.1+dfsg1-1ubuntu3","5.2.1+dfsg1-1ubuntu4"],"ecosystem_specific":{"binaries":[{"binary_version":"5.2.1+dfsg1-1ubuntu4","binary_name":"ntopng"},{"binary_version":"5.2.1+dfsg1-1ubuntu4","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"odoo","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/odoo?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["16.0.0+dfsg.1-3","16.0.0+dfsg.2-1.1","16.0.0+dfsg.2-2"],"ecosystem_specific":{"binaries":[{"binary_version":"16.0.0+dfsg.2-2","binary_name":"odoo-16"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"omnidb","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/omnidb?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.3b+ds-4"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.3b+ds-4","binary_name":"omnidb-common"},{"binary_version":"3.0.3b+ds-4","binary_name":"omnidb-server"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ruby-momentjs-rails","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/ruby-momentjs-rails?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.20.1-2"],"ecosystem_specific":{"binaries":[{"binary_version":"2.20.1-2","binary_name":"ruby-momentjs-rails"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.0.2+dfsg-1","4.1.0+dfsg-1","4.2.2+dfsg-2","4.2.2+dfsg-3"],"ecosystem_specific":{"binaries":[{"binary_version":"4.2.2+dfsg-3","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2+dfsg1-1ubuntu1","6.4.3+dfsg1-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.4.3+dfsg1-1ubuntu1","binary_name":"wordpress"},{"binary_version":"6.4.3+dfsg1-1ubuntu1","binary_name":"wordpress-l10n"},{"binary_version":"6.4.3+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentytwentyfour"},{"binary_version":"6.4.3+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentytwentythree"},{"binary_version":"6.4.3+dfsg1-1ubuntu1","binary_name":"wordpress-theme-twentytwentytwo"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.39.4-2","1:1.39.5-1","1:1.39.6-1","1:1.39.7-1","1:1.39.7-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.39.7-1ubuntu0.1~esm1","binary_name":"mediawiki"},{"binary_version":"1:1.39.7-1ubuntu0.1~esm1","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.3.13-1","3.3.13-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.3.13-1ubuntu0.1~esm1","binary_name":"postfixadmin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.19.2~ds1-3","1.27.2~ds4-1","1.27.2~ds4-1ubuntu0.24.04.1","1.27.2~ds4-1ubuntu0.24.04.2","1.27.2~ds4-1ubuntu0.24.04.2+esm1","1.27.2~ds4-1ubuntu0.24.04.3","1.27.2~ds4-1ubuntu0.24.04.3+esm1","1.27.2~ds4-1ubuntu0.24.04.3+esm2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.27.2~ds4-1ubuntu0.24.04.3+esm2","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"1.27.2~ds4-1ubuntu0.24.04.3+esm2","binary_name":"syncthing"},{"binary_version":"1.27.2~ds4-1ubuntu0.24.04.3+esm2","binary_name":"syncthing-discosrv"},{"binary_version":"1.27.2~ds4-1ubuntu0.24.04.3+esm2","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.10-0.1","1:5.10-0.1build1","1:5.13-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:5.13-1","binary_name":"gnucash"},{"binary_version":"1:5.13-1","binary_name":"gnucash-common"},{"binary_version":"1:5.13-1","binary_name":"python3-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.43.1+dfsg-1","1:1.43.1+dfsg-2","1:1.43.3+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.43.3+dfsg-1","binary_name":"mediawiki"},{"binary_version":"1:1.43.3+dfsg-1","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"ntopng","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/ntopng?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.2.1+dfsg1-2ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.2.1+dfsg1-2ubuntu1","binary_name":"ntopng"},{"binary_version":"5.2.1+dfsg1-2ubuntu1","binary_name":"ntopng-data"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"odoo","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/odoo?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["18.0.0+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_version":"18.0.0+dfsg-2","binary_name":"odoo-18"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"omnidb","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/omnidb?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.3b+ds-6build1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.0.3b+ds-6build1","binary_name":"omnidb-common"},{"binary_version":"3.0.3b+ds-6build1","binary_name":"omnidb-server"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/postfixadmin?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.3.15+ds-2"],"ecosystem_specific":{"binaries":[{"binary_version":"3.3.15+ds-2","binary_name":"postfixadmin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.4.1+dfsg-2","4.5.0+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.5.0+dfsg-1","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.29.2~ds1-1","1.29.5~ds1-2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.29.5~ds1-2","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"1.29.5~ds1-2","binary_name":"syncthing"},{"binary_version":"1.29.5~ds1-2","binary_name":"syncthing-discosrv"},{"binary_version":"1.29.5~ds1-2","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.7.2+dfsg1-1.1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.7.2+dfsg1-1.1ubuntu1","binary_name":"wordpress"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu1","binary_name":"wordpress-l10n"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu1","binary_name":"wordpress-theme-twentytwentyfive"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu1","binary_name":"wordpress-theme-twentytwentyfour"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu1","binary_name":"wordpress-theme-twentytwentythree"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"gnucash","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/gnucash?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:5.13-1","1:5.13-1build1","1:5.14-1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:5.14-1build1","binary_name":"gnucash"},{"binary_version":"1:5.14-1build1","binary_name":"gnucash-common"},{"binary_version":"1:5.14-1build1","binary_name":"python3-gnucash"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"mediawiki","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/mediawiki?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:1.43.3+dfsg-1","1:1.43.5+dfsg-1","1:1.43.6+dfsg-2","1:1.43.8+dfsg-1","1:1.43.8+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_version":"1:1.43.8+dfsg-2","binary_name":"mediawiki"},{"binary_version":"1:1.43.8+dfsg-2","binary_name":"mediawiki-classes"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"odoo","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/odoo?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["18.0.0+dfsg-2","18.0.0+dfsg-2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"18.0.0+dfsg-2build1","binary_name":"odoo-18"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"postfixadmin","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/postfixadmin?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.3.15+ds-2","4.0.1+ds-1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.0.1+ds-1","binary_name":"postfixadmin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"sabnzbdplus","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/sabnzbdplus?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.5.0+dfsg-1","4.5.4+dfsg-4"],"ecosystem_specific":{"binaries":[{"binary_version":"4.5.4+dfsg-4","binary_name":"sabnzbdplus"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"syncthing","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/syncthing?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.29.5~ds1-2","1.29.5~ds1-3"],"ecosystem_specific":{"binaries":[{"binary_version":"1.29.5~ds1-3","binary_name":"golang-github-syncthing-syncthing-dev"},{"binary_version":"1.29.5~ds1-3","binary_name":"syncthing"},{"binary_version":"1.29.5~ds1-3","binary_name":"syncthing-discosrv"},{"binary_version":"1.29.5~ds1-3","binary_name":"syncthing-relaysrv"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}},{"package":{"name":"wordpress","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/wordpress?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.7.2+dfsg1-1.1ubuntu1","6.7.2+dfsg1-1.1ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"6.7.2+dfsg1-1.1ubuntu2","binary_name":"wordpress"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu2","binary_name":"wordpress-l10n"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu2","binary_name":"wordpress-theme-twentytwentyfive"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu2","binary_name":"wordpress-theme-twentytwentyfour"},{"binary_version":"6.7.2+dfsg1-1.1ubuntu2","binary_name":"wordpress-theme-twentytwentythree"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31129.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}