Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/spamassassin@3.4.6-1

Type deb

Namespace debian

Name spamassassin

Version 3.4.6-1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5b74-77zm-3qbs

vulnerability_id VCID-5b74-77zm-3qbs

summary

A vulnerability in SpamAssassin might allow remote attackers to
    execute arbitrary commands.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1946.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1946.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1946

reference_id

reference_type

scores

value	0.01495
scoring_system	epss
scoring_elements	0.8104
published_at	2026-04-01T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81139
published_at	2026-04-21T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81141
published_at	2026-04-16T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81142
published_at	2026-04-18T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81049
published_at	2026-04-02T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81072
published_at	2026-04-07T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.811
published_at	2026-04-08T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81107
published_at	2026-04-09T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81124
published_at	2026-04-11T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.8111
published_at	2026-04-12T12:55:00Z

value	0.01495
scoring_system	epss
scoring_elements	0.81103
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1946

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1943276
reference_id	1943276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1943276

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985962
reference_id	985962
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985962

reference_url

https://security.archlinux.org/AVG-1731

reference_id

AVG-1731

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1731

reference_url	https://security.gentoo.org/glsa/202105-26
reference_id	GLSA-202105-26
reference_type
scores
url	https://security.gentoo.org/glsa/202105-26

reference_url	https://access.redhat.com/errata/RHSA-2021:4315
reference_id	RHSA-2021:4315
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4315

reference_url	https://usn.ubuntu.com/4899-1/
reference_id	USN-4899-1
reference_type
scores
url	https://usn.ubuntu.com/4899-1/

reference_url	https://usn.ubuntu.com/4899-2/
reference_id	USN-4899-2
reference_type
scores
url	https://usn.ubuntu.com/4899-2/

fixed_packages

url pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

purl pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1%252Bdeb10u3

url	pkg:deb/debian/spamassassin@3.4.6-1
purl	pkg:deb/debian/spamassassin@3.4.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

aliases CVE-2020-1946

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5b74-77zm-3qbs

url VCID-5rd3-xtxh-y7g8

vulnerability_id VCID-5rd3-xtxh-y7g8

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11805.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11805.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11805

reference_id

reference_type

scores

value	0.0003
scoring_system	epss
scoring_elements	0.08395
published_at	2026-04-01T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08437
published_at	2026-04-02T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08491
published_at	2026-04-04T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.0841
published_at	2026-04-07T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08482
published_at	2026-04-08T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.085
published_at	2026-04-09T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08493
published_at	2026-04-11T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08474
published_at	2026-04-12T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.0846
published_at	2026-04-13T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08353
published_at	2026-04-16T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08337
published_at	2026-04-18T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08495
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1784974
reference_id	1784974
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1784974

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946652
reference_id	946652
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946652

reference_url

https://security.archlinux.org/AVG-1077

reference_id

AVG-1077

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1077

reference_url	https://access.redhat.com/errata/RHSA-2020:4625
reference_id	RHSA-2020:4625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4625

reference_url	https://usn.ubuntu.com/4237-1/
reference_id	USN-4237-1
reference_type
scores
url	https://usn.ubuntu.com/4237-1/

reference_url	https://usn.ubuntu.com/4237-2/
reference_id	USN-4237-2
reference_type
scores
url	https://usn.ubuntu.com/4237-2/

fixed_packages

url pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

purl pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11j4-bprs-akfx

vulnerability	VCID-4bzc-b456-w3d9

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-nknr-wcys-8be7

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

url pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

purl pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1%252Bdeb10u3

url	pkg:deb/debian/spamassassin@3.4.6-1
purl	pkg:deb/debian/spamassassin@3.4.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

aliases CVE-2018-11805

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5rd3-xtxh-y7g8

url VCID-774s-rw8t-m3dm

vulnerability_id VCID-774s-rw8t-m3dm

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1930.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1930.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1930

reference_id

reference_type

scores

value	0.01382
scoring_system	epss
scoring_elements	0.80245
published_at	2026-04-01T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80252
published_at	2026-04-02T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80273
published_at	2026-04-04T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80261
published_at	2026-04-07T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80288
published_at	2026-04-08T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80299
published_at	2026-04-09T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80318
published_at	2026-04-11T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80303
published_at	2026-04-12T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80297
published_at	2026-04-13T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80327
published_at	2026-04-16T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80329
published_at	2026-04-18T12:55:00Z

value	0.01382
scoring_system	epss
scoring_elements	0.80333
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1931

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1802977
reference_id	1802977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1802977

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950258
reference_id	950258
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950258

reference_url	https://access.redhat.com/errata/RHSA-2020:4625
reference_id	RHSA-2020:4625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4625

reference_url	https://usn.ubuntu.com/4265-1/
reference_id	USN-4265-1
reference_type
scores
url	https://usn.ubuntu.com/4265-1/

reference_url	https://usn.ubuntu.com/4265-2/
reference_id	USN-4265-2
reference_type
scores
url	https://usn.ubuntu.com/4265-2/

fixed_packages

url pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

purl pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11j4-bprs-akfx

vulnerability	VCID-4bzc-b456-w3d9

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-nknr-wcys-8be7

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

url pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

purl pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1%252Bdeb10u3

url	pkg:deb/debian/spamassassin@3.4.6-1
purl	pkg:deb/debian/spamassassin@3.4.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

aliases CVE-2020-1930

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-774s-rw8t-m3dm

url VCID-kk1w-wzk2-9uex

vulnerability_id VCID-kk1w-wzk2-9uex

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1931.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1931.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1931

reference_id

reference_type

scores

value	0.01095
scoring_system	epss
scoring_elements	0.77935
published_at	2026-04-01T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77942
published_at	2026-04-02T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77969
published_at	2026-04-04T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77951
published_at	2026-04-07T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77978
published_at	2026-04-08T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77982
published_at	2026-04-09T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-11T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77992
published_at	2026-04-12T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.77991
published_at	2026-04-13T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.78026
published_at	2026-04-16T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.78025
published_at	2026-04-18T12:55:00Z

value	0.01095
scoring_system	epss
scoring_elements	0.78018
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1931

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1931
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1931

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1802975
reference_id	1802975
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1802975

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950258
reference_id	950258
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950258

reference_url	https://access.redhat.com/errata/RHSA-2020:4625
reference_id	RHSA-2020:4625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4625

reference_url	https://usn.ubuntu.com/4265-1/
reference_id	USN-4265-1
reference_type
scores
url	https://usn.ubuntu.com/4265-1/

reference_url	https://usn.ubuntu.com/4265-2/
reference_id	USN-4265-2
reference_type
scores
url	https://usn.ubuntu.com/4265-2/

fixed_packages

url pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

purl pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11j4-bprs-akfx

vulnerability	VCID-4bzc-b456-w3d9

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-nknr-wcys-8be7

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

url pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

purl pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1%252Bdeb10u3

url	pkg:deb/debian/spamassassin@3.4.6-1
purl	pkg:deb/debian/spamassassin@3.4.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

aliases CVE-2020-1931

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kk1w-wzk2-9uex

url VCID-pk9z-qnug-jbh7

vulnerability_id VCID-pk9z-qnug-jbh7

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12420.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12420

reference_id

reference_type

scores

value	0.13675
scoring_system	epss
scoring_elements	0.94215
published_at	2026-04-01T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94277
published_at	2026-04-21T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94257
published_at	2026-04-13T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94272
published_at	2026-04-16T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94225
published_at	2026-04-02T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94237
published_at	2026-04-04T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94239
published_at	2026-04-07T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94248
published_at	2026-04-08T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94252
published_at	2026-04-09T12:55:00Z

value	0.13675
scoring_system	epss
scoring_elements	0.94256
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12420

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1784984
reference_id	1784984
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1784984

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946653
reference_id	946653
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946653

reference_url

https://security.archlinux.org/AVG-1077

reference_id

AVG-1077

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1077

reference_url	https://access.redhat.com/errata/RHSA-2020:3973
reference_id	RHSA-2020:3973
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3973

reference_url	https://access.redhat.com/errata/RHSA-2020:4625
reference_id	RHSA-2020:4625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4625

reference_url	https://usn.ubuntu.com/4237-1/
reference_id	USN-4237-1
reference_type
scores
url	https://usn.ubuntu.com/4237-1/

reference_url	https://usn.ubuntu.com/4237-2/
reference_id	USN-4237-2
reference_type
scores
url	https://usn.ubuntu.com/4237-2/

fixed_packages

url pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

purl pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11j4-bprs-akfx

vulnerability	VCID-4bzc-b456-w3d9

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-nknr-wcys-8be7

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1~deb9u3

url pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

purl pkg:deb/debian/spamassassin@3.4.2-1%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5b74-77zm-3qbs

vulnerability	VCID-5rd3-xtxh-y7g8

vulnerability	VCID-774s-rw8t-m3dm

vulnerability	VCID-kk1w-wzk2-9uex

vulnerability	VCID-pk9z-qnug-jbh7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.2-1%252Bdeb10u3

url	pkg:deb/debian/spamassassin@3.4.6-1
purl	pkg:deb/debian/spamassassin@3.4.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

aliases CVE-2019-12420

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pk9z-qnug-jbh7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/spamassassin@3.4.6-1

Package Instance