Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1055621?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1055621?format=api", "purl": "pkg:deb/debian/bzip2@1.0.5-6%2Bsqueeze1", "type": "deb", "namespace": "debian", "name": "bzip2", "version": "1.0.5-6+squeeze1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.0.6-9.2~deb10u1", "latest_non_vulnerable_version": "1.0.6-9.2~deb10u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90622?format=api", "vulnerability_id": "VCID-569v-spq6-dbhv", "summary": "The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4089.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4089", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35722", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35781", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35797", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35824", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35775", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4089" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862", "reference_id": "632862", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/18147.c", "reference_id": "CVE-2011-4089;OSVDB-77356", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/18147.c" }, { "reference_url": "https://usn.ubuntu.com/1308-1/", "reference_id": "USN-1308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1055622?format=api", "purl": "pkg:deb/debian/bzip2@1.0.6-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n51n-m2r7-kbdy" }, { "vulnerability": "VCID-rgbz-6485-tfan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.6-4" } ], "aliases": [ "CVE-2011-4089" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-569v-spq6-dbhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72794?format=api", "vulnerability_id": "VCID-n51n-m2r7-kbdy", "summary": "bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78111", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78179", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.7818", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.7815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78283", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.7829", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332075", "reference_id": "2332075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332075" }, { "reference_url": "https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc", "reference_id": "74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886", "reference_id": "930886", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359", "reference_id": "934359", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359" }, { "reference_url": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS", "reference_id": "K68713584?utm_source=f5support&%3Butm_medium=RSS", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&%3Butm_medium=RSS" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html", "reference_id": "msg00040.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html", "reference_id": "msg00050.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html" }, { "reference_url": "https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E", "reference_id": "rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E", "reference_id": "rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10803", "reference_id": "RHSA-2024:10803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8922", "reference_id": "RHSA-2024:8922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0733", "reference_id": "RHSA-2025:0733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0925", "reference_id": "RHSA-2025:0925", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1154", "reference_id": "RHSA-2025:1154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1154" }, { "reference_url": "https://usn.ubuntu.com/4038-1/", "reference_id": "USN-4038-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://usn.ubuntu.com/4038-1/" }, { "reference_url": "https://usn.ubuntu.com/4038-2/", "reference_id": "USN-4038-2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://usn.ubuntu.com/4038-2/" }, { "reference_url": "https://usn.ubuntu.com/4146-1/", "reference_id": "USN-4146-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://usn.ubuntu.com/4146-1/" }, { "reference_url": "https://usn.ubuntu.com/4146-2/", "reference_id": "USN-4146-2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/" } ], "url": "https://usn.ubuntu.com/4146-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1059035?format=api", "purl": "pkg:deb/debian/bzip2@1.0.6-9.2~deb10u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.6-9.2~deb10u1" } ], "aliases": [ "CVE-2019-12900" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n51n-m2r7-kbdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36092?format=api", "vulnerability_id": "VCID-rgbz-6485-tfan", "summary": "An use-after-free vulnerability has been found in bzip2 that could\n allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html" }, { "reference_url": "http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.96008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95993", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95991", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95982", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95977", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.96015", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.96014", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.23714", "scoring_system": "epss", "scoring_elements": "0.95963", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://seclists.org/bugtraq/2019/Aug/4" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jul/22", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://seclists.org/bugtraq/2019/Jul/22" }, { "reference_url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/06/20/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.securityfocus.com/bid/91297", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://www.securityfocus.com/bid/91297" }, { "reference_url": "http://www.securitytracker.com/id/1036132", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "http://www.securitytracker.com/id/1036132" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319648", "reference_id": "1319648", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319648" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744", "reference_id": "827744", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827744" }, { "reference_url": "https://security.archlinux.org/ASA-201702-19", "reference_id": "ASA-201702-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201702-19" }, { "reference_url": "https://security.archlinux.org/AVG-4", "reference_id": "AVG-4", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3189", "reference_id": "CVE-2016-3189", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3189" }, { "reference_url": "https://security.gentoo.org/glsa/201708-08", "reference_id": "GLSA-201708-08", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://security.gentoo.org/glsa/201708-08" }, { "reference_url": "https://usn.ubuntu.com/4038-1/", "reference_id": "USN-4038-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://usn.ubuntu.com/4038-1/" }, { "reference_url": "https://usn.ubuntu.com/4038-2/", "reference_id": "USN-4038-2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:58:23Z/" } ], "url": "https://usn.ubuntu.com/4038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1058939?format=api", "purl": "pkg:deb/debian/bzip2@1.0.6-8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-n51n-m2r7-kbdy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.6-8.1" } ], "aliases": [ "CVE-2016-3189" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgbz-6485-tfan" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47802?format=api", "vulnerability_id": "VCID-azhe-cxb8-3kbb", "summary": "Multiple vulnerabilities were found in Clam AntiVirus, the most\n severe of which may allow the execution of arbitrary code.", "references": [ { "reference_url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow" }, { "reference_url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html" }, { "reference_url": "http://marc.info/?l=oss-security&m=128506868510655&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=oss-security&m=128506868510655&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0405.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91923", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91871", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91886", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91911", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91914", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.9191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91929", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07688", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405" }, { "reference_url": "http://secunia.com/advisories/41452", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41452" }, { "reference_url": "http://secunia.com/advisories/41505", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41505" }, { "reference_url": "http://secunia.com/advisories/42350", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42350" }, { "reference_url": "http://secunia.com/advisories/42404", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42404" }, { "reference_url": "http://secunia.com/advisories/42405", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42405" }, { "reference_url": "http://secunia.com/advisories/42529", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42529" }, { "reference_url": "http://secunia.com/advisories/42530", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42530" }, { "reference_url": "http://secunia.com/advisories/48378", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/48378" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201301-05.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201301-05.xml" }, { "reference_url": "http://support.apple.com/kb/HT4581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4581" }, { "reference_url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2230" }, { "reference_url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2231" }, { "reference_url": "http://www.bzip.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.bzip.org/" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0703.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0858.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded" }, { "reference_url": "http://www.ubuntu.com/usn/usn-986-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-986-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-986-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-986-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-986-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-986-3" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2455", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2455" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3043", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3043" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3052" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3073", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3073" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3126", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3126" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3127", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3127" }, { "reference_url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xorl.wordpress.com/2010/09/21/cve-2010-0405-bzip2-integer-overflow/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882", "reference_id": "627882", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=627882" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.0c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5_d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:bzip:bzip2:1.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libzip2:libzip2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0405", "reference_id": "CVE-2010-0405", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0405" }, { "reference_url": "https://security.gentoo.org/glsa/201110-20", "reference_id": "GLSA-201110-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-20" }, { "reference_url": "https://security.gentoo.org/glsa/201301-05", "reference_id": "GLSA-201301-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0703", "reference_id": "RHSA-2010:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0858", "reference_id": "RHSA-2010:0858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0858" }, { "reference_url": "https://usn.ubuntu.com/986-1/", "reference_id": "USN-986-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/986-1/" }, { "reference_url": "https://usn.ubuntu.com/986-2/", "reference_id": "USN-986-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/986-2/" }, { "reference_url": "https://usn.ubuntu.com/986-3/", "reference_id": "USN-986-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/986-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1055621?format=api", "purl": "pkg:deb/debian/bzip2@1.0.5-6%2Bsqueeze1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-569v-spq6-dbhv" }, { "vulnerability": "VCID-n51n-m2r7-kbdy" }, { "vulnerability": "VCID-rgbz-6485-tfan" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.5-6%252Bsqueeze1" } ], "aliases": [ "CVE-2010-0405" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azhe-cxb8-3kbb" } ], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bzip2@1.0.5-6%252Bsqueeze1" }