Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1052561?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1052561?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "type": "deb", "namespace": "debian", "name": "openafs", "version": "1.8.2-1+deb10u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.8.9-1+deb12u1", "latest_non_vulnerable_version": "1.8.9-1+deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95917?format=api", "vulnerability_id": "VCID-2dzj-pdn1-gffv", "summary": "An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36125", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36176", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3615", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36193", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36177", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36305", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36213", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10396" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-002.txt", "reference_id": "OPENAFS-SA-2024-002.txt", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:58:56Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-002.txt" }, { "reference_url": "https://www.openafs.org/security", "reference_id": "security", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:58:56Z/" } ], "url": "https://www.openafs.org/security" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052563?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10396" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dzj-pdn1-gffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94087?format=api", "vulnerability_id": "VCID-3thg-8s1s-zyad", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6151", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61525", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61432", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61479", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61521", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18602" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html" }, { "reference_url": "https://openafs.org/pages/security/OPENAFS-SA-2019-002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://openafs.org/pages/security/OPENAFS-SA-2019-002.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18602", "reference_id": "CVE-2019-18602", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052562?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18602" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3thg-8s1s-zyad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95918?format=api", "vulnerability_id": "VCID-3wzs-pca6-kfgu", "summary": "A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35495", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3552", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42313", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42384", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42395", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42402", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42389", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.4236", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt", "reference_id": "OPENAFS-SA-2024-003.txt", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:46:42Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052563?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10397" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3wzs-pca6-kfgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95916?format=api", "vulnerability_id": "VCID-5z4c-t4de-fkhj", "summary": "A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.00988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02101", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02028", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02025", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02002", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02016", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0205", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02044", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10394" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-001.txt", "reference_id": "OPENAFS-SA-2024-001.txt", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:59:42Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-001.txt" }, { "reference_url": "https://www.openafs.org/security", "reference_id": "security", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:59:42Z/" } ], "url": "https://www.openafs.org/security" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052563?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10394" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5z4c-t4de-fkhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94086?format=api", "vulnerability_id": "VCID-6yfs-sxke-hbat", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78093", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78099", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78009", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78065", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.781", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18601" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html" }, { "reference_url": "https://openafs.org/pages/security/OPENAFS-SA-2019-003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://openafs.org/pages/security/OPENAFS-SA-2019-003.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18601", "reference_id": "CVE-2019-18601", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18601" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052562?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18601" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6yfs-sxke-hbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94088?format=api", "vulnerability_id": "VCID-tf8j-e36c-syf8", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6151", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61525", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61432", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61479", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61521", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18603" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html" }, { "reference_url": "https://openafs.org/pages/security/OPENAFS-SA-2019-001.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://openafs.org/pages/security/OPENAFS-SA-2019-001.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18603", "reference_id": "CVE-2019-18603", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18603" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052562?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18603" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tf8j-e36c-syf8" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70428?format=api", "vulnerability_id": "VCID-e2vs-kppq-zff6", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79228", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79226", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79159", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79184", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.7917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79203", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79227", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79212", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79229", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17432" }, { "reference_url": "https://bugs.debian.org/883602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/883602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17432" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00016.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4067" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883602", "reference_id": "883602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883602" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17432", "reference_id": "CVE-2017-17432", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17432" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035956?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-2q1w-btf8-nkct" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-4nmg-8ntm-wkh6" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-8hn8-d5rz-v7gn" }, { "vulnerability": "VCID-dahm-yt6t-ruap" }, { "vulnerability": "VCID-dqvc-h6tg-nycg" }, { "vulnerability": "VCID-e2vs-kppq-zff6" }, { "vulnerability": "VCID-fyf1-fg12-z7hz" }, { "vulnerability": "VCID-ks47-edrs-xbc3" }, { "vulnerability": "VCID-tf8j-e36c-syf8" }, { "vulnerability": "VCID-u141-pmrt-t3e9" }, { "vulnerability": "VCID-u8f1-fg77-efhc" }, { "vulnerability": "VCID-uvnq-mwb3-8ub9" }, { "vulnerability": "VCID-w6k1-2px5-97gj" }, { "vulnerability": "VCID-y9rq-rewv-2qd8" }, { "vulnerability": "VCID-zab2-z21w-1qde" }, { "vulnerability": "VCID-zsd8-ykp1-4ke9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036936?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-e2vs-kppq-zff6" }, { "vulnerability": "VCID-fyf1-fg12-z7hz" }, { "vulnerability": "VCID-tf8j-e36c-syf8" }, { "vulnerability": "VCID-u141-pmrt-t3e9" }, { "vulnerability": "VCID-zsd8-ykp1-4ke9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052561?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-tf8j-e36c-syf8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-17432" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2vs-kppq-zff6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74706?format=api", "vulnerability_id": "VCID-fyf1-fg12-z7hz", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89207", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89228", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.8923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89248", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89253", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89262", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89255", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89268", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89263", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036936?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-e2vs-kppq-zff6" }, { "vulnerability": "VCID-fyf1-fg12-z7hz" }, { "vulnerability": "VCID-tf8j-e36c-syf8" }, { "vulnerability": "VCID-u141-pmrt-t3e9" }, { "vulnerability": "VCID-zsd8-ykp1-4ke9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052561?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-tf8j-e36c-syf8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16949" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fyf1-fg12-z7hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74705?format=api", "vulnerability_id": "VCID-u141-pmrt-t3e9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57826", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57906", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57979", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57956", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57966", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57942", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036936?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-e2vs-kppq-zff6" }, { "vulnerability": "VCID-fyf1-fg12-z7hz" }, { "vulnerability": "VCID-tf8j-e36c-syf8" }, { "vulnerability": "VCID-u141-pmrt-t3e9" }, { "vulnerability": "VCID-zsd8-ykp1-4ke9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052561?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-tf8j-e36c-syf8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16948" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u141-pmrt-t3e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74704?format=api", "vulnerability_id": "VCID-zsd8-ykp1-4ke9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80965", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80974", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80996", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81031", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81049", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81035", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81028", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81065", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81066", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81064", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036936?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-e2vs-kppq-zff6" }, { "vulnerability": "VCID-fyf1-fg12-z7hz" }, { "vulnerability": "VCID-tf8j-e36c-syf8" }, { "vulnerability": "VCID-u141-pmrt-t3e9" }, { "vulnerability": "VCID-zsd8-ykp1-4ke9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052561?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dzj-pdn1-gffv" }, { "vulnerability": "VCID-3thg-8s1s-zyad" }, { "vulnerability": "VCID-3wzs-pca6-kfgu" }, { "vulnerability": "VCID-5z4c-t4de-fkhj" }, { "vulnerability": "VCID-6yfs-sxke-hbat" }, { "vulnerability": "VCID-tf8j-e36c-syf8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16947" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zsd8-ykp1-4ke9" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" }