Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/audacity@1.2.4b-2.1
Typedeb
Namespacedebian
Nameaudacity
Version1.2.4b-2.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.2~dfsg0-5
Latest_non_vulnerable_version2.4.2~dfsg0-5
Affected_by_vulnerabilities
0
url VCID-2u5b-cbtr-xqa1
vulnerability_id VCID-2u5b-cbtr-xqa1
summary 
Audacity uses temporary files in an insecure manner, allowing for a symlink
    attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6061.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6061.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6061
reference_id
reference_type
scores
0
value 0.00908
scoring_system epss
scoring_elements 0.75705
published_at 2026-04-01T12:55:00Z
1
value 0.00908
scoring_system epss
scoring_elements 0.75707
published_at 2026-04-02T12:55:00Z
2
value 0.00908
scoring_system epss
scoring_elements 0.75738
published_at 2026-04-04T12:55:00Z
3
value 0.00908
scoring_system epss
scoring_elements 0.75718
published_at 2026-04-07T12:55:00Z
4
value 0.00908
scoring_system epss
scoring_elements 0.75752
published_at 2026-04-08T12:55:00Z
5
value 0.00908
scoring_system epss
scoring_elements 0.75763
published_at 2026-04-13T12:55:00Z
6
value 0.00908
scoring_system epss
scoring_elements 0.75787
published_at 2026-04-11T12:55:00Z
7
value 0.00908
scoring_system epss
scoring_elements 0.75768
published_at 2026-04-12T12:55:00Z
8
value 0.00908
scoring_system epss
scoring_elements 0.75801
published_at 2026-04-16T12:55:00Z
9
value 0.00908
scoring_system epss
scoring_elements 0.75804
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6061
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=393251
reference_id 393251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=393251
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
reference_id 453283
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453283
5
reference_url https://security.gentoo.org/glsa/200803-03
reference_id GLSA-200803-03
reference_type
scores
url https://security.gentoo.org/glsa/200803-03
fixed_packages
0
url pkg:deb/debian/audacity@1.3.5-2%2Blenny1
purl pkg:deb/debian/audacity@1.3.5-2%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4e8r-fvv6-f7f2
1
vulnerability VCID-c1k4-7mhy-73gp
2
vulnerability VCID-nxc6-nv2g-17g6
3
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@1.3.5-2%252Blenny1
aliases CVE-2007-6061
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u5b-cbtr-xqa1
1
url VCID-4e8r-fvv6-f7f2
vulnerability_id VCID-4e8r-fvv6-f7f2
summary Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2541
reference_id
reference_type
scores
0
value 0.00859
scoring_system epss
scoring_elements 0.74968
published_at 2026-04-01T12:55:00Z
1
value 0.00859
scoring_system epss
scoring_elements 0.74971
published_at 2026-04-02T12:55:00Z
2
value 0.00859
scoring_system epss
scoring_elements 0.75
published_at 2026-04-04T12:55:00Z
3
value 0.00859
scoring_system epss
scoring_elements 0.74976
published_at 2026-04-07T12:55:00Z
4
value 0.00859
scoring_system epss
scoring_elements 0.7501
published_at 2026-04-08T12:55:00Z
5
value 0.00859
scoring_system epss
scoring_elements 0.75022
published_at 2026-04-12T12:55:00Z
6
value 0.00859
scoring_system epss
scoring_elements 0.75043
published_at 2026-04-11T12:55:00Z
7
value 0.00859
scoring_system epss
scoring_elements 0.75011
published_at 2026-04-13T12:55:00Z
8
value 0.00859
scoring_system epss
scoring_elements 0.75047
published_at 2026-04-16T12:55:00Z
9
value 0.00859
scoring_system epss
scoring_elements 0.75055
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2541
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2541
fixed_packages
0
url pkg:deb/debian/audacity@2.1.2-2
purl pkg:deb/debian/audacity@2.1.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.1.2-2
aliases CVE-2016-2541
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4e8r-fvv6-f7f2
2
url VCID-4zzy-q5zp-jkgm
vulnerability_id VCID-4zzy-q5zp-jkgm
summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3720
reference_id
reference_type
scores
0
value 0.01161
scoring_system epss
scoring_elements 0.78619
published_at 2026-04-18T12:55:00Z
1
value 0.01161
scoring_system epss
scoring_elements 0.7862
published_at 2026-04-16T12:55:00Z
2
value 0.01541
scoring_system epss
scoring_elements 0.81319
published_at 2026-04-02T12:55:00Z
3
value 0.01541
scoring_system epss
scoring_elements 0.81341
published_at 2026-04-04T12:55:00Z
4
value 0.01541
scoring_system epss
scoring_elements 0.81339
published_at 2026-04-07T12:55:00Z
5
value 0.01541
scoring_system epss
scoring_elements 0.81373
published_at 2026-04-13T12:55:00Z
6
value 0.01541
scoring_system epss
scoring_elements 0.81394
published_at 2026-04-11T12:55:00Z
7
value 0.01541
scoring_system epss
scoring_elements 0.81381
published_at 2026-04-12T12:55:00Z
8
value 0.01541
scoring_system epss
scoring_elements 0.81368
published_at 2026-04-08T12:55:00Z
9
value 0.01541
scoring_system epss
scoring_elements 0.8131
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=531697
reference_id 531697
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=531697
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
reference_id 551936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id 560919
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id 560920
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id 560921
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id 560922
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id 560926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id 560927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id 560928
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id 560929
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id 560930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id 560935
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id 560936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id 560937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id 560940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id 560942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
reference_id 560950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id 601053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
21
reference_url https://httpd.apache.org/security/json/CVE-2009-3720.json
reference_id CVE-2009-3720
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3720.json
22
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
23
reference_url https://access.redhat.com/errata/RHSA-2009:1572
reference_id RHSA-2009:1572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1572
24
reference_url https://access.redhat.com/errata/RHSA-2009:1625
reference_id RHSA-2009:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1625
25
reference_url https://access.redhat.com/errata/RHSA-2010:0002
reference_id RHSA-2010:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0002
26
reference_url https://access.redhat.com/errata/RHSA-2011:0491
reference_id RHSA-2011:0491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0491
27
reference_url https://access.redhat.com/errata/RHSA-2011:0492
reference_id RHSA-2011:0492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0492
28
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
29
reference_url https://usn.ubuntu.com/890-1/
reference_id USN-890-1
reference_type
scores
url https://usn.ubuntu.com/890-1/
30
reference_url https://usn.ubuntu.com/890-2/
reference_id USN-890-2
reference_type
scores
url https://usn.ubuntu.com/890-2/
31
reference_url https://usn.ubuntu.com/890-3/
reference_id USN-890-3
reference_type
scores
url https://usn.ubuntu.com/890-3/
32
reference_url https://usn.ubuntu.com/890-4/
reference_id USN-890-4
reference_type
scores
url https://usn.ubuntu.com/890-4/
33
reference_url https://usn.ubuntu.com/890-5/
reference_id USN-890-5
reference_type
scores
url https://usn.ubuntu.com/890-5/
34
reference_url https://usn.ubuntu.com/890-6/
reference_id USN-890-6
reference_type
scores
url https://usn.ubuntu.com/890-6/
fixed_packages
0
url pkg:deb/debian/audacity@1.3.5-2%2Blenny1
purl pkg:deb/debian/audacity@1.3.5-2%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4e8r-fvv6-f7f2
1
vulnerability VCID-c1k4-7mhy-73gp
2
vulnerability VCID-nxc6-nv2g-17g6
3
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@1.3.5-2%252Blenny1
aliases CVE-2009-3720
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm
3
url VCID-c1k4-7mhy-73gp
vulnerability_id VCID-c1k4-7mhy-73gp
summary A boundary error in Audacity allows for the execution of arbitrary code.
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=253493
reference_id
reference_type
scores
url http://bugs.gentoo.org/show_bug.cgi?id=253493
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
2
reference_url http://n2.nabble.com/Audacity-%22String_parse::get_nonspace_quoted%28%29%22-Buffer-Overflow-td2139537.html
reference_id
reference_type
scores
url http://n2.nabble.com/Audacity-%22String_parse::get_nonspace_quoted%28%29%22-Buffer-Overflow-td2139537.html
3
reference_url http://osvdb.org/51070
reference_id
reference_type
scores
url http://osvdb.org/51070
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0490.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0490.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0490
reference_id
reference_type
scores
0
value 0.5806
scoring_system epss
scoring_elements 0.98194
published_at 2026-04-18T12:55:00Z
1
value 0.5806
scoring_system epss
scoring_elements 0.9817
published_at 2026-04-01T12:55:00Z
2
value 0.5806
scoring_system epss
scoring_elements 0.98173
published_at 2026-04-02T12:55:00Z
3
value 0.5806
scoring_system epss
scoring_elements 0.98176
published_at 2026-04-04T12:55:00Z
4
value 0.5806
scoring_system epss
scoring_elements 0.98178
published_at 2026-04-07T12:55:00Z
5
value 0.5806
scoring_system epss
scoring_elements 0.98182
published_at 2026-04-08T12:55:00Z
6
value 0.5806
scoring_system epss
scoring_elements 0.98183
published_at 2026-04-09T12:55:00Z
7
value 0.5806
scoring_system epss
scoring_elements 0.98187
published_at 2026-04-13T12:55:00Z
8
value 0.5806
scoring_system epss
scoring_elements 0.98193
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0490
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0490
7
reference_url http://secunia.com/advisories/33356
reference_id
reference_type
scores
url http://secunia.com/advisories/33356
8
reference_url https://www.exploit-db.com/exploits/7634
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/7634
9
reference_url http://www.securityfocus.com/bid/33090
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33090
10
reference_url http://www.vupen.com/english/advisories/2009/0008
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/0008
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=484951
reference_id 484951
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=484951
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514138
reference_id 514138
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514138
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audacityteam:audacity:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:audacityteam:audacity:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audacityteam:audacity:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0490
reference_id CVE-2009-0490
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2009-0490
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/10322.py
reference_id CVE-2009-0490;OSVDB-51070
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/10322.py
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/9501.py
reference_id CVE-2009-0490;OSVDB-51070
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/9501.py
17
reference_url https://security.gentoo.org/glsa/200903-03
reference_id GLSA-200903-03
reference_type
scores
url https://security.gentoo.org/glsa/200903-03
18
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/7634.pl
reference_id OSVDB-51070;CVE-2009-0490
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/7634.pl
fixed_packages
0
url pkg:deb/debian/audacity@1.3.12-6
purl pkg:deb/debian/audacity@1.3.12-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4e8r-fvv6-f7f2
1
vulnerability VCID-nxc6-nv2g-17g6
2
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@1.3.12-6
aliases CVE-2009-0490
risk_score 10.0
exploitability 2.0
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1k4-7mhy-73gp
4
url VCID-nxc6-nv2g-17g6
vulnerability_id VCID-nxc6-nv2g-17g6
summary Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2540
reference_id
reference_type
scores
0
value 0.00908
scoring_system epss
scoring_elements 0.75708
published_at 2026-04-01T12:55:00Z
1
value 0.00908
scoring_system epss
scoring_elements 0.7571
published_at 2026-04-02T12:55:00Z
2
value 0.00908
scoring_system epss
scoring_elements 0.75741
published_at 2026-04-04T12:55:00Z
3
value 0.00908
scoring_system epss
scoring_elements 0.7572
published_at 2026-04-07T12:55:00Z
4
value 0.00908
scoring_system epss
scoring_elements 0.75754
published_at 2026-04-08T12:55:00Z
5
value 0.00908
scoring_system epss
scoring_elements 0.75766
published_at 2026-04-09T12:55:00Z
6
value 0.00908
scoring_system epss
scoring_elements 0.7579
published_at 2026-04-11T12:55:00Z
7
value 0.00908
scoring_system epss
scoring_elements 0.75771
published_at 2026-04-12T12:55:00Z
8
value 0.00908
scoring_system epss
scoring_elements 0.75765
published_at 2026-04-13T12:55:00Z
9
value 0.00908
scoring_system epss
scoring_elements 0.75804
published_at 2026-04-16T12:55:00Z
10
value 0.00908
scoring_system epss
scoring_elements 0.75807
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2540
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2540
fixed_packages
0
url pkg:deb/debian/audacity@2.1.2-2
purl pkg:deb/debian/audacity@2.1.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.1.2-2
aliases CVE-2016-2540
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxc6-nv2g-17g6
5
url VCID-qtav-hqnd-b7fa
vulnerability_id VCID-qtav-hqnd-b7fa
summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3560
reference_id
reference_type
scores
0
value 0.0283
scoring_system epss
scoring_elements 0.86182
published_at 2026-04-11T12:55:00Z
1
value 0.0283
scoring_system epss
scoring_elements 0.86111
published_at 2026-04-01T12:55:00Z
2
value 0.0283
scoring_system epss
scoring_elements 0.86121
published_at 2026-04-02T12:55:00Z
3
value 0.0283
scoring_system epss
scoring_elements 0.86137
published_at 2026-04-07T12:55:00Z
4
value 0.0283
scoring_system epss
scoring_elements 0.86156
published_at 2026-04-08T12:55:00Z
5
value 0.0283
scoring_system epss
scoring_elements 0.86168
published_at 2026-04-09T12:55:00Z
6
value 0.03008
scoring_system epss
scoring_elements 0.86605
published_at 2026-04-18T12:55:00Z
7
value 0.03008
scoring_system epss
scoring_elements 0.866
published_at 2026-04-16T12:55:00Z
8
value 0.03311
scoring_system epss
scoring_elements 0.87253
published_at 2026-04-13T12:55:00Z
9
value 0.03311
scoring_system epss
scoring_elements 0.87257
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3560
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=533174
reference_id 533174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=533174
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
reference_id 560901
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id 560919
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id 560920
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id 560921
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id 560922
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id 560926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id 560927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id 560928
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id 560929
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id 560930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id 560935
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id 560936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id 560937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id 560940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id 560942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id 601053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
20
reference_url https://httpd.apache.org/security/json/CVE-2009-3560.json
reference_id CVE-2009-3560
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3560.json
21
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
22
reference_url https://access.redhat.com/errata/RHSA-2009:1625
reference_id RHSA-2009:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1625
23
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
24
reference_url https://usn.ubuntu.com/890-1/
reference_id USN-890-1
reference_type
scores
url https://usn.ubuntu.com/890-1/
25
reference_url https://usn.ubuntu.com/890-2/
reference_id USN-890-2
reference_type
scores
url https://usn.ubuntu.com/890-2/
26
reference_url https://usn.ubuntu.com/890-3/
reference_id USN-890-3
reference_type
scores
url https://usn.ubuntu.com/890-3/
27
reference_url https://usn.ubuntu.com/890-4/
reference_id USN-890-4
reference_type
scores
url https://usn.ubuntu.com/890-4/
28
reference_url https://usn.ubuntu.com/890-5/
reference_id USN-890-5
reference_type
scores
url https://usn.ubuntu.com/890-5/
29
reference_url https://usn.ubuntu.com/890-6/
reference_id USN-890-6
reference_type
scores
url https://usn.ubuntu.com/890-6/
fixed_packages
0
url pkg:deb/debian/audacity@1.3.5-2%2Blenny1
purl pkg:deb/debian/audacity@1.3.5-2%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4e8r-fvv6-f7f2
1
vulnerability VCID-c1k4-7mhy-73gp
2
vulnerability VCID-nxc6-nv2g-17g6
3
vulnerability VCID-veb9-7659-wfg7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@1.3.5-2%252Blenny1
aliases CVE-2009-3560
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa
6
url VCID-veb9-7659-wfg7
vulnerability_id VCID-veb9-7659-wfg7
summary Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11867
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.3075
published_at 2026-04-18T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30749
published_at 2026-04-01T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30876
published_at 2026-04-02T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30923
published_at 2026-04-04T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30743
published_at 2026-04-07T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30801
published_at 2026-04-08T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30833
published_at 2026-04-09T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30835
published_at 2026-04-11T12:55:00Z
8
value 0.00118
scoring_system epss
scoring_elements 0.3079
published_at 2026-04-12T12:55:00Z
9
value 0.00118
scoring_system epss
scoring_elements 0.30745
published_at 2026-04-13T12:55:00Z
10
value 0.00118
scoring_system epss
scoring_elements 0.3077
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11867
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11867
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976874
reference_id 976874
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976874
3
reference_url https://security.archlinux.org/AVG-1311
reference_id AVG-1311
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1311
4
reference_url https://usn.ubuntu.com/7211-1/
reference_id USN-7211-1
reference_type
scores
url https://usn.ubuntu.com/7211-1/
fixed_packages
0
url pkg:deb/debian/audacity@2.4.2~dfsg0-5
purl pkg:deb/debian/audacity@2.4.2~dfsg0-5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@2.4.2~dfsg0-5
aliases CVE-2020-11867
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-veb9-7659-wfg7
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/audacity@1.2.4b-2.1