Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050631?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050631?format=api", "purl": "pkg:deb/debian/simgear@1.0.0-4", "type": "deb", "namespace": "debian", "name": "simgear", "version": "1.0.0-4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1:2020.3.16+dfsg-1+deb12u1", "latest_non_vulnerable_version": "1:2020.3.16+dfsg-1+deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3717?format=api", "vulnerability_id": "VCID-4zzy-q5zp-jkgm", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.8131", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81341", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81394", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697", "reference_id": "531697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936", "reference_id": "551936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950", "reference_id": "560950", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3720.json", "reference_id": "CVE-2009-3720", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3720.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1572", "reference_id": "RHSA-2009:1572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0002", "reference_id": "RHSA-2010:0002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0492", "reference_id": "RHSA-2011:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050633?format=api", "purl": "pkg:deb/debian/simgear@3.0.0-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7c9-mtg5-73d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@3.0.0-6" } ], "aliases": [ "CVE-2009-3720" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45205?format=api", "vulnerability_id": "VCID-8tcp-1jww-k3f3", "summary": "Multiple vulnerabilities have been found in FlightGear and SimGear\n allowing remote attackers to cause Denial of Service and possibly execute\n arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2090", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89049", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89057", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0448", "scoring_system": "epss", "scoring_elements": "0.89103", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2090" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669024", "reference_id": "669024", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669024" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669025", "reference_id": "669025", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669025" }, { "reference_url": "https://security.gentoo.org/glsa/201603-12", "reference_id": "GLSA-201603-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050633?format=api", "purl": "pkg:deb/debian/simgear@3.0.0-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7c9-mtg5-73d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@3.0.0-6" } ], "aliases": [ "CVE-2012-2090" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8tcp-1jww-k3f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96420?format=api", "vulnerability_id": "VCID-f7c9-mtg5-73d2", "summary": "An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.126", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12586", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12685", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12644", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12778", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0781" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0781", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0781" }, { "reference_url": "https://gitlab.com/flightgear/flightgear/-/issues/3025", "reference_id": "3025", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-28T17:02:59Z/" } ], "url": "https://gitlab.com/flightgear/flightgear/-/issues/3025" }, { "reference_url": "https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8", "reference_id": "5bb023647114267141a7610e8f1ca7d6f4f5a5a8", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-28T17:02:59Z/" } ], "url": "https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8" }, { "reference_url": "https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358", "reference_id": "ad37afce28083fad7f79467b3ffdead753584358", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-28T17:02:59Z/" } ], "url": "https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358" }, { "reference_url": "https://usn.ubuntu.com/7965-1/", "reference_id": "USN-7965-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7965-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1059027?format=api", "purl": "pkg:deb/debian/simgear@1:2020.3.16%2Bdfsg-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@1:2020.3.16%252Bdfsg-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-0781" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7c9-mtg5-73d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3716?format=api", "vulnerability_id": "VCID-qtav-hqnd-b7fa", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87253", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87257", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174", "reference_id": "533174", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901", "reference_id": "560901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3560.json", "reference_id": "CVE-2009-3560", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3560.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050633?format=api", "purl": "pkg:deb/debian/simgear@3.0.0-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7c9-mtg5-73d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@3.0.0-6" } ], "aliases": [ "CVE-2009-3560" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45213?format=api", "vulnerability_id": "VCID-sgqz-rav3-fufm", "summary": "Multiple vulnerabilities have been found in FlightGear and SimGear\n allowing remote attackers to cause Denial of Service and possibly execute\n arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91789", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91834", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91836", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07557", "scoring_system": "epss", "scoring_elements": "0.91832", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2091" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669024", "reference_id": "669024", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669024" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669025", "reference_id": "669025", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669025" }, { "reference_url": "https://security.gentoo.org/glsa/201603-12", "reference_id": "GLSA-201603-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050633?format=api", "purl": "pkg:deb/debian/simgear@3.0.0-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7c9-mtg5-73d2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@3.0.0-6" } ], "aliases": [ "CVE-2012-2091" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgqz-rav3-fufm" } ], "fixing_vulnerabilities": [], "risk_score": "3.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/simgear@1.0.0-4" }