Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1081514?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "type": "deb", "namespace": "debian", "name": "exim4", "version": "4.99.1-6", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "4.99.2-1", "latest_non_vulnerable_version": "4.99.2-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45525?format=api", "vulnerability_id": "VCID-1ev3-fe86-93e3", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.8366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.83632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.83645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84344", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84366", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84369", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84395", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84405", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8441", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8443", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28022" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ev3-fe86-93e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45532?format=api", "vulnerability_id": "VCID-1kpw-zhj4-jfaz", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88286", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.8882", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88808", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88834", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88898", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88867", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.8889", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88891", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28026" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1kpw-zhj4-jfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45533?format=api", "vulnerability_id": "VCID-1tqm-3s38-fqcn", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17639", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17843", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17785", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17873", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18022", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17934", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21364", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21156", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-27216" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1tqm-3s38-fqcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48314?format=api", "vulnerability_id": "VCID-2qea-x4nk-zfba", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://exim.org/static/doc/security/CVE-2019-15846.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://exim.org/static/doc/security/CVE-2019-15846.txt" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98443", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98437", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98436", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98439", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.9844", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.9845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.9844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98443", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98445", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15846" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846" }, { "reference_url": "https://exim.org/static/doc/security/CVE-2019-15846.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exim.org/static/doc/security/CVE-2019-15846.txt" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/13", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Sep/13" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4517" }, { "reference_url": "https://www.kb.cert.org/vuls/id/672565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/672565" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/09/06/1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2019/09/06/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/07/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/07/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/07/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/08/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/08/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/09/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/09/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748397", "reference_id": "1748397", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748397" }, { "reference_url": "https://security.archlinux.org/ASA-201909-3", "reference_id": "ASA-201909-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201909-3" }, { "reference_url": "https://security.archlinux.org/AVG-1037", "reference_id": "AVG-1037", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1037" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15846", "reference_id": "CVE-2019-15846", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15846" }, { "reference_url": "https://security.gentoo.org/glsa/201909-06", "reference_id": "GLSA-201909-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-06" }, { "reference_url": "https://usn.ubuntu.com/4124-1/", "reference_id": "USN-4124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4124-1/" }, { "reference_url": "https://usn.ubuntu.com/4124-2/", "reference_id": "USN-4124-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4124-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586746?format=api", "purl": "pkg:deb/debian/exim4@4.92.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-15846" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2qea-x4nk-zfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45524?format=api", "vulnerability_id": "VCID-3z7r-efh2-tyf9", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91133", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91111", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91125", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91123", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91118", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91075", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91085", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91109", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91847", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28021" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3z7r-efh2-tyf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56931?format=api", "vulnerability_id": "VCID-55h7-dczu-rfhe", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98712", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98705", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98707", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98708", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98695", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.72904", "scoring_system": "epss", "scoring_elements": "0.98772", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.72904", "scoring_system": "epss", "scoring_elements": "0.98769", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241525", "reference_id": "2241525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241525" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1469/", "reference_id": "ZDI-23-1469", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-20T19:32:20Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1469/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583814?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583815?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583816?format=api", "purl": "pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-42115" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55h7-dczu-rfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57178?format=api", "vulnerability_id": "VCID-56xq-sgry-2uhd", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99415", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99407", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99408", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.9941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99411", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99414", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99412", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99413", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789" }, { "reference_url": "http://www.securityfocus.com/bid/103049", "reference_id": "103049", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.securityfocus.com/bid/103049" }, { "reference_url": "http://www.securitytracker.com/id/1040461", "reference_id": "1040461", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.securitytracker.com/id/1040461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543268", "reference_id": "1543268", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543268" }, { "reference_url": "http://openwall.com/lists/oss-security/2018/02/10/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://openwall.com/lists/oss-security/2018/02/10/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/02/07/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2018/02/07/2" }, { "reference_url": "https://www.exploit-db.com/exploits/44571/", "reference_id": "44571", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.exploit-db.com/exploits/44571/" }, { "reference_url": "https://www.exploit-db.com/exploits/45671/", "reference_id": "45671", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.exploit-db.com/exploits/45671/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000", "reference_id": "890000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000" }, { "reference_url": "https://security.archlinux.org/ASA-201802-6", "reference_id": "ASA-201802-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201802-6" }, { "reference_url": "https://security.archlinux.org/AVG-608", "reference_id": "AVG-608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-608" }, { "reference_url": "https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1", "reference_id": "cf3cd306062a08969c41a1cdd32c6855f1abecf1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py" }, { "reference_url": "https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588" }, { "reference_url": "https://exim.org/static/doc/security/CVE-2018-6789.txt", "reference_id": "CVE-2018-6789.txt", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://exim.org/static/doc/security/CVE-2018-6789.txt" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4110", "reference_id": "dsa-4110", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4110" }, { "reference_url": "http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html", "reference_id": "Exim-base64d-Buffer-Overflow.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html" }, { "reference_url": "https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/", "reference_id": "exim-off-by-one-RCE-exploiting-CVE-2018-6789-en", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html", "reference_id": "msg00009.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html" }, { "reference_url": "https://usn.ubuntu.com/3565-1/", "reference_id": "USN-3565-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://usn.ubuntu.com/3565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585404?format=api", "purl": "pkg:deb/debian/exim4@4.90.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.90.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-6789" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56xq-sgry-2uhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56936?format=api", "vulnerability_id": "VCID-5e2k-ure4-wfdf", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91671", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91736", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91725", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91723", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91686", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91698", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91705", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91707", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91728", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91722", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241531", "reference_id": "2241531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241531" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6455-1/", "reference_id": "USN-6455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6455-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1471/", "reference_id": "ZDI-23-1471", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T16:58:53Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1471/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585684?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585685?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585686?format=api", "purl": "pkg:deb/debian/exim4@4.97~RC2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-42117" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2k-ure4-wfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91182?format=api", "vulnerability_id": "VCID-5q8s-xzfq-mfa8", "summary": "Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.90971", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.90977", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.90986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.90997", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91009", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91014", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91048", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91061", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91059", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.91054", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06391", "scoring_system": "epss", "scoring_elements": "0.9107", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0400" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586250?format=api", "purl": "pkg:deb/debian/exim4@4.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0400" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5q8s-xzfq-mfa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50401?format=api", "vulnerability_id": "VCID-5vks-gjgj-euhp", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html" }, { "reference_url": "http://bugs.exim.org/show_bug.cgi?id=988", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.exim.org/show_bug.cgi?id=988" }, { "reference_url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2023.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25432", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25467", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25308", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25363", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45772", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45712", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45609", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45842", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45888", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45834", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45762", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2023" }, { "reference_url": "http://secunia.com/advisories/40019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40019" }, { "reference_url": "http://secunia.com/advisories/40123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40123" }, { "reference_url": "http://secunia.com/advisories/43243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43243" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59043" }, { "reference_url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2" }, { "reference_url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25" }, { "reference_url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/40451", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40451" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1060-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1402" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=600093", "reference_id": "600093", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=600093" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2023", "reference_id": "CVE-2010-2023", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2023" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1060-1/", "reference_id": "USN-1060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584672?format=api", "purl": "pkg:deb/debian/exim4@4.72-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2023" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5vks-gjgj-euhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45527?format=api", "vulnerability_id": "VCID-69es-qatu-uub2", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87549", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88068", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88071", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88086", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88083", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88101", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88106", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88105", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88116", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88063", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28023" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69es-qatu-uub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95201?format=api", "vulnerability_id": "VCID-6dwr-t9kn-2yfn", "summary": "A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71127", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71052", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.7106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71042", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71096", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71133", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71141", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71002", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.7102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.70994", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559" }, { "reference_url": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2", "reference_id": "4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/", "reference_id": "EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/" }, { "reference_url": "https://vuldb.com/?id.211073", "reference_id": "?id.211073", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://vuldb.com/?id.211073" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2915", "reference_id": "show_bug.cgi?id=2915", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=2915" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/", "reference_id": "TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/" }, { "reference_url": "https://usn.ubuntu.com/5741-1/", "reference_id": "USN-5741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5741-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/", "reference_id": "WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585684?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/586842?format=api", "purl": "pkg:deb/debian/exim4@4.96-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3559" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwr-t9kn-2yfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45520?format=api", "vulnerability_id": "VCID-7vuu-yzmu-duew", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87041", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87035", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87052", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87056", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87033", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87046", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87432", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87455", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87955", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87962", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vuu-yzmu-duew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45530?format=api", "vulnerability_id": "VCID-838e-pk6w-t3by", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.81992", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.82004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.82026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82786", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82782", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82821", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82846", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82855", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8286", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82879", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82742", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82768", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28025" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-838e-pk6w-t3by" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79157?format=api", "vulnerability_id": "VCID-85d7-xwsd-u7hf", "summary": "Exim: Exim before 4.96 has an invalid free in pam_converse", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37451.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37451.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37451", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90721", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90748", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90753", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90772", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90769", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90768", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90779", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.9078", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90774", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06068", "scoring_system": "epss", "scoring_elements": "0.90792", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37451" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119782", "reference_id": "2119782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119782" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585727?format=api", "purl": "pkg:deb/debian/exim4@4.95-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.95-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37451" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85d7-xwsd-u7hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82810?format=api", "vulnerability_id": "VCID-85sn-frqr-wqc1", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9963", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8211", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82131", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82203", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82204", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82226", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82237", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8224", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82256", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9963" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405322", "reference_id": "1405322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405322" }, { "reference_url": "https://security.archlinux.org/AVG-153", "reference_id": "AVG-153", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-153" }, { "reference_url": "https://usn.ubuntu.com/3164-1/", "reference_id": "USN-3164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3164-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586549?format=api", "purl": "pkg:deb/debian/exim4@4.88~RC6-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.88~RC6-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-9963" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85sn-frqr-wqc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50404?format=api", "vulnerability_id": "VCID-879s-a42x-bqhu", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "http://bugs.exim.org/show_bug.cgi?id=1044", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://bugs.exim.org/show_bug.cgi?id=1044" }, { "reference_url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html" }, { "reference_url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2010/12/10/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://openwall.com/lists/oss-security/2010/12/10/1" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4345.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04024", "scoring_system": "epss", "scoring_elements": "0.88425", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04024", "scoring_system": "epss", "scoring_elements": "0.8844", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04024", "scoring_system": "epss", "scoring_elements": "0.88433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89876", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89864", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.8987", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89882", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89881", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05133", "scoring_system": "epss", "scoring_elements": "0.89874", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06001", "scoring_system": "epss", "scoring_elements": "0.90705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06856", "scoring_system": "epss", "scoring_elements": "0.91413", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06856", "scoring_system": "epss", "scoring_elements": "0.91402", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06856", "scoring_system": "epss", "scoring_elements": "0.914", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06856", "scoring_system": "epss", "scoring_elements": "0.91399", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345" }, { "reference_url": "http://secunia.com/advisories/42576", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://secunia.com/advisories/42576" }, { "reference_url": "http://secunia.com/advisories/42930", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://secunia.com/advisories/42930" }, { "reference_url": "http://secunia.com/advisories/43128", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://secunia.com/advisories/43128" }, { "reference_url": "http://secunia.com/advisories/43243", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://secunia.com/advisories/43243" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4345" }, { "reference_url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.cpanel.net/2010/12/critical-exim-security-update.html" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2131", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.debian.org/security/2010/dsa-2131" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2154", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.debian.org/security/2011/dsa-2154" }, { "reference_url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html" }, { "reference_url": "http://www.kb.cert.org/vuls/id/758489", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.kb.cert.org/vuls/id/758489" }, { "reference_url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0153.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/45341", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.securityfocus.com/bid/45341" }, { "reference_url": "http://www.securitytracker.com/id?1024859", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.securitytracker.com/id?1024859" }, { "reference_url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1060-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3171", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3171" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3204", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3204" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0135", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0135" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0245", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0245" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0364", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606527", "reference_id": "606527", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606527" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012", "reference_id": "662012", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=662012" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4345", "reference_id": "CVE-2010-4345", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4345" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0153", "reference_id": "RHSA-2011:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0153" }, { "reference_url": "https://usn.ubuntu.com/1060-1/", "reference_id": "USN-1060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586618?format=api", "purl": "pkg:deb/debian/exim4@4.72-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4345" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-879s-a42x-bqhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45517?format=api", "vulnerability_id": "VCID-87un-11ea-myhg", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37737", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37498", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37477", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37387", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37752", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3783", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37769", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37817", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37798", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42091", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42119", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.4203", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87un-11ea-myhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95233?format=api", "vulnerability_id": "VCID-92ug-3eae-tydc", "summary": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89315", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.8933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89351", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.8936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89367", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89382", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89386", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89389", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89398", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452" }, { "reference_url": "https://usn.ubuntu.com/5574-1/", "reference_id": "USN-5574-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5574-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586540?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37452" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92ug-3eae-tydc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45510?format=api", "vulnerability_id": "VCID-avxe-yhcq-wudx", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38545", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38988", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38779", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38756", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38668", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39091", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39046", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39101", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39072", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43599", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4351", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28007" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avxe-yhcq-wudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89317?format=api", "vulnerability_id": "VCID-awpv-dmgg-abef", "summary": "security flaw", "references": [ { "reference_url": "http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44" }, { "reference_url": "http://marc.info/?l=bugtraq&m=110824870908614&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=110824870908614&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0022.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80877", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.8075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80778", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80803", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80788", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80816", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.8082", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80843", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.80848", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.8086", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0022" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200501-23.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200501-23.xml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293" }, { "reference_url": "http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html" }, { "reference_url": "http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2005-025.html" }, { "reference_url": "http://www.securityfocus.com/bid/12188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/12188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617440", "reference_id": "1617440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617440" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0022", "reference_id": "CVE-2005-0022", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:025", "reference_id": "RHSA-2005:025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:025" }, { "reference_url": "https://usn.ubuntu.com/56-1/", "reference_id": "USN-56-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/56-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584854?format=api", "purl": "pkg:deb/debian/exim4@4.34-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.34-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0022" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awpv-dmgg-abef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50402?format=api", "vulnerability_id": "VCID-bdkr-87xb-4yf8", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html" }, { "reference_url": "http://bugs.exim.org/show_bug.cgi?id=989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.exim.org/show_bug.cgi?id=989" }, { "reference_url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2024.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20961", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20753", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38546", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38458", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38339", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38819", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38791", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38815", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38735", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3857", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2024" }, { "reference_url": "http://secunia.com/advisories/40019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40019" }, { "reference_url": "http://secunia.com/advisories/40123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40123" }, { "reference_url": "http://secunia.com/advisories/43243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43243" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59042" }, { "reference_url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2" }, { "reference_url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26", "reference_id": "", "reference_type": "", "scores": [], "url": "http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26" }, { "reference_url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/511653/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/40454", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40454" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1060-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1402" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=600097", "reference_id": "600097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=600097" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2024", "reference_id": "CVE-2010-2024", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2024" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1060-1/", "reference_id": "USN-1060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584672?format=api", "purl": "pkg:deb/debian/exim4@4.72-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2024" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdkr-87xb-4yf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56210?format=api", "vulnerability_id": "VCID-bgxc-8scn-z7e8", "summary": "A vulnerability in Exim could allow a remote attacker to execute\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89816", "scoring_system": "epss", "scoring_elements": "0.99569", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99571", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.9957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99588", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99582", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99583", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99584", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99585", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99586", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16928" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2449", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=2449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928" }, { "reference_url": "https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f" }, { "reference_url": "https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/60", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://seclists.org/bugtraq/2019/Sep/60" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4536", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4536" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756930", "reference_id": "1756930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756930" }, { "reference_url": "https://security.archlinux.org/ASA-201910-1", "reference_id": "ASA-201910-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-1" }, { "reference_url": "https://security.archlinux.org/AVG-1038", "reference_id": "AVG-1038", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1038" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16928", "reference_id": "CVE-2019-16928", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16928" }, { "reference_url": "https://security.gentoo.org/glsa/202003-47", "reference_id": "GLSA-202003-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://security.gentoo.org/glsa/202003-47" }, { "reference_url": "https://usn.ubuntu.com/4141-1/", "reference_id": "USN-4141-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://usn.ubuntu.com/4141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585582?format=api", "purl": "pkg:deb/debian/exim4@4.92.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-16928" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgxc-8scn-z7e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45515?format=api", "vulnerability_id": "VCID-bz4v-p82a-skgk", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34597", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35068", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34836", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34818", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35147", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35117", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39003", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28012" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bz4v-p82a-skgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57176?format=api", "vulnerability_id": "VCID-c9g9-ufem-9bgr", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98975", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98967", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.9897", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.9896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98961", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98963", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16943" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=2199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944" }, { "reference_url": "https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde" }, { "reference_url": "https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4" }, { "reference_url": "https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944" }, { "reference_url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4053" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.securitytracker.com/id/1039872", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039872" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517680", "reference_id": "1517680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517680" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648", "reference_id": "882648", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16943", "reference_id": "CVE-2017-16943", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16943" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://usn.ubuntu.com/3493-1/", "reference_id": "USN-3493-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3493-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583711?format=api", "purl": "pkg:deb/debian/exim4@4.89-12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-16943" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9g9-ufem-9bgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45514?format=api", "vulnerability_id": "VCID-caau-2ury-hbbs", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35376", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3561", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35492", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35846", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3586", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39882", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28011" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-caau-2ury-hbbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91181?format=api", "vulnerability_id": "VCID-d8va-5pph-7yb5", "summary": "Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97414", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.9742", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97434", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97438", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97439", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97447", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97451", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.9745", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97452", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97454", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.42079", "scoring_system": "epss", "scoring_elements": "0.97457", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0399" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24093.c", "reference_id": "CVE-2004-0399;OSVDB-5896", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24093.c" }, { "reference_url": "https://www.securityfocus.com/bid/10290/info", "reference_id": "CVE-2004-0399;OSVDB-5896", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/10290/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586250?format=api", "purl": "pkg:deb/debian/exim4@4.33-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.33-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0399" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d8va-5pph-7yb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50406?format=api", "vulnerability_id": "VCID-e844-g11f-f7fd", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1407.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72436", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72312", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72318", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72336", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72364", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.7237", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72358", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72399", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72408", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72396", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72438", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72448", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72444", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407" }, { "reference_url": "https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html" }, { "reference_url": "https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2236" }, { "reference_url": "http://www.securityfocus.com/bid/47836", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47836" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1135-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1135-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=705446", "reference_id": "705446", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=705446" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1407", "reference_id": "CVE-2011-1407", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1407" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1135-1/", "reference_id": "USN-1135-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1135-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585186?format=api", "purl": "pkg:deb/debian/exim4@4.76-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.76-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1407" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e844-g11f-f7fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56934?format=api", "vulnerability_id": "VCID-f998-369d-r3ds", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91234", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91328", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91314", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91263", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91277", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91304", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91306", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241528", "reference_id": "2241528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241528" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1470/", "reference_id": "ZDI-23-1470", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T15:02:42Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1470/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583814?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583815?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583816?format=api", "purl": "pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-42116" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f998-369d-r3ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91044?format=api", "vulnerability_id": "VCID-fndg-t3tw-mqef", "summary": "Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86634", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86706", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86696", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86709", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86715", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86727", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86735", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1381" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22066.c", "reference_id": "CVE-2002-1381;OSVDB-10360", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22066.c" }, { "reference_url": "https://www.securityfocus.com/bid/6314/info", "reference_id": "CVE-2002-1381;OSVDB-10360", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/6314/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586914?format=api", "purl": "pkg:deb/debian/exim4@4.11-0.0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.11-0.0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1381" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fndg-t3tw-mqef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/331170?format=api", "vulnerability_id": "VCID-h3v8-dkfk-2bfr", "summary": "A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07362", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07349", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07477", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07436", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07426", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0739", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07461", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07447", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07437", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07363", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08028", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07997", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53881" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881", "reference_id": "show_bug.cgi?id=CVE-2025-53881", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-02T17:15:08Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-53881" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3v8-dkfk-2bfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97774?format=api", "vulnerability_id": "VCID-j9ru-hveg-jke3", "summary": "A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09383", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09299", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09337", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09284", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09278", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09331", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09303", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0929", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09182", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0918", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27197", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30232" }, { "reference_url": "https://security.archlinux.org/ASA-202503-1", "reference_id": "ASA-202503-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202503-1" }, { "reference_url": "https://security.archlinux.org/AVG-2859", "reference_id": "AVG-2859", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2859" }, { "reference_url": "https://www.exim.org/static/doc/security/CVE-2025-30232.txt", "reference_id": "CVE-2025-30232.txt", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T14:37:01Z/" } ], "url": "https://www.exim.org/static/doc/security/CVE-2025-30232.txt" }, { "reference_url": "https://usn.ubuntu.com/7373-1/", "reference_id": "USN-7373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585929?format=api", "purl": "pkg:deb/debian/exim4@4.98.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30232" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9ru-hveg-jke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66050?format=api", "vulnerability_id": "VCID-kh8n-3nvr-quhj", "summary": "exim: Exim: Remote heap corruption vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67896.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25091", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24937", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29743", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29619", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29505", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29443", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29297", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29765", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29699", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67896" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2025/12/11/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2025/12/11/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422034", "reference_id": "2422034", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422034" }, { "reference_url": "https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt", "reference_id": "report.txt", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/" } ], "url": "https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt" }, { "reference_url": "https://exim.org/static/doc/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/" } ], "url": "https://exim.org/static/doc/security/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/584057?format=api", "purl": "pkg:deb/debian/exim4@4.99-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-67896" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kh8n-3nvr-quhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45511?format=api", "vulnerability_id": "VCID-kxtk-ybzc-eyfj", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29843", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30234", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30169", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30053", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29978", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.3037", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30373", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30329", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30296", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30278", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33848", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28008" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxtk-ybzc-eyfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94857?format=api", "vulnerability_id": "VCID-m8mt-ya9x-yqaq", "summary": "The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84536", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84382", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84397", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.8442", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84459", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84477", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84506", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84515", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84519", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172", "reference_id": "992172", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172" }, { "reference_url": "https://security.archlinux.org/AVG-2272", "reference_id": "AVG-2272", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2272" }, { "reference_url": "https://usn.ubuntu.com/6881-1/", "reference_id": "USN-6881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6881-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585684?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/586163?format=api", "purl": "pkg:deb/debian/exim4@4.95~RC2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.95~RC2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-38371" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mt-ya9x-yqaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45512?format=api", "vulnerability_id": "VCID-mssq-pkfp-fbhg", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39543", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39774", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.3976", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39674", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39982", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40035", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40023", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40053", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.4458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44488", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mssq-pkfp-fbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74998?format=api", "vulnerability_id": "VCID-mwem-kfpv-eqf2", "summary": "exim: exim: Incorrect parsing of multiline rfc2231 header filename", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98294", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98285", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98284", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98287", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98288", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.63532", "scoring_system": "epss", "scoring_elements": "0.98401", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98429", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98425", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98426", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.9842", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785", "reference_id": "1075785", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785" }, { "reference_url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b", "reference_id": "1b3209b0577a9327ebb076f3b32b8a159c253f7b", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295819", "reference_id": "2295819", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295819" }, { "reference_url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357", "reference_id": "6ce5c70cff8989418e05d01fd2a57703007a6357", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357" }, { "reference_url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3", "reference_id": "exim-4.98-RC2...exim-4.98-RC3", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3" }, { "reference_url": "https://www.rfc-editor.org/rfc/rfc2231.txt", "reference_id": "rfc2231.txt", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://www.rfc-editor.org/rfc/rfc2231.txt" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4", "reference_id": "show_bug.cgi?id=3099#c4", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4" }, { "reference_url": "https://usn.ubuntu.com/6939-1/", "reference_id": "USN-6939-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6939-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585691?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585692?format=api", "purl": "pkg:deb/debian/exim4@4.98~RC3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98~RC3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-39929" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwem-kfpv-eqf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62581?format=api", "vulnerability_id": "VCID-p285-6bu3-vuh5", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html" }, { "reference_url": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98145", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98138", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.9814", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98114", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98117", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98121", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98122", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98126", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98131", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98137", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98139", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98136", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.exploit-db.com/exploits/39535/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39535/" }, { "reference_url": "https://www.exploit-db.com/exploits/39549/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39549/" }, { "reference_url": "https://www.exploit-db.com/exploits/39702/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39702/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3517", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3517" }, { "reference_url": "http://www.exim.org/static/doc/CVE-2016-1531.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exim.org/static/doc/CVE-2016-1531.txt" }, { "reference_url": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup" }, { "reference_url": "http://www.securitytracker.com/id/1035512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035512" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2933-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2933-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314293", "reference_id": "1314293", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314293" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1531", "reference_id": "CVE-2016-1531", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1531" }, { "reference_url": "https://usn.ubuntu.com/2933-1/", "reference_id": "USN-2933-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2933-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585223?format=api", "purl": "pkg:deb/debian/exim4@4.86.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.86.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1531" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p285-6bu3-vuh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50405?format=api", "vulnerability_id": "VCID-pdm2-w3dk-p7gd", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74" }, { "reference_url": "http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html" }, { "reference_url": "http://osvdb.org/70696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/70696" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0017.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30172", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30706", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30838", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30884", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30703", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30761", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30796", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3073", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3071", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30676", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30504", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3031", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0017" }, { "reference_url": "http://secunia.com/advisories/43101", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43101" }, { "reference_url": "http://secunia.com/advisories/43128", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43128" }, { "reference_url": "http://secunia.com/advisories/43243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43243" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65028" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2154", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2154" }, { "reference_url": "http://www.securityfocus.com/bid/46065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46065" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1060-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1060-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0224", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0224" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0245", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0245" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0364" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0464", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=670945", "reference_id": "670945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=670945" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0017", "reference_id": "CVE-2011-0017", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0017" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1060-1/", "reference_id": "USN-1060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584635?format=api", "purl": "pkg:deb/debian/exim4@4.72-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0017" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdm2-w3dk-p7gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71807?format=api", "vulnerability_id": "VCID-ppju-pcvp-4khj", "summary": "exim: Exim: remote SQL injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26794.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98852", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98872", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98873", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98865", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.9886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98859", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.74732", "scoring_system": "epss", "scoring_elements": "0.98855", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.75087", "scoring_system": "epss", "scoring_elements": "0.98891", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26794" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346981", "reference_id": "2346981", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346981" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/383926", "reference_id": "383926", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/383926" }, { "reference_url": "https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d", "reference_id": "584d2c49addce9ca0ae67882cc16969104d7f82d", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d" }, { "reference_url": "https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305", "reference_id": "bfe32b5c6ea033736a26da8421513206db9fe305", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305" }, { "reference_url": "https://www.exim.org/static/doc/security/CVE-2025-26794.txt", "reference_id": "CVE-2025-26794.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://www.exim.org/static/doc/security/CVE-2025-26794.txt" }, { "reference_url": "https://exim.org", "reference_id": "exim.org", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://exim.org" }, { "reference_url": "https://github.com/Exim/exim/wiki/EximSecurity", "reference_id": "EximSecurity", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://github.com/Exim/exim/wiki/EximSecurity" }, { "reference_url": "https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt", "reference_id": "report.txt", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1237424", "reference_id": "show_bug.cgi?id=1237424", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1237424" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585087?format=api", "purl": "pkg:deb/debian/exim4@4.98-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26794" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppju-pcvp-4khj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56938?format=api", "vulnerability_id": "VCID-puuy-w6ze-9kc7", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72765", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72776", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72772", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72654", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72671", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72684", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7269", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7268", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72722", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72725", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72767", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241542", "reference_id": "2241542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241542" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6455-1/", "reference_id": "USN-6455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6455-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1473/", "reference_id": "ZDI-23-1473", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T16:29:47Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1473/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585684?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585685?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585686?format=api", "purl": "pkg:deb/debian/exim4@4.97~RC2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-42119" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-puuy-w6ze-9kc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45521?format=api", "vulnerability_id": "VCID-pzsv-7fee-1ugu", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98522", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98521", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98525", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.98927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.98928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99044", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99045", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99041", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.9904", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28018" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzsv-7fee-1ugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/279287?format=api", "vulnerability_id": "VCID-q8zm-fhfq-sfan", "summary": "A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211919.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79226", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79131", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79156", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79159", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79155", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79189", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79196", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79213", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79114", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79099", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01227", "scoring_system": "epss", "scoring_elements": "0.79124", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3620" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022556", "reference_id": "1022556", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022556" }, { "reference_url": "https://git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445", "reference_id": "12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/" } ], "url": "https://git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/", "reference_id": "667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/", "reference_id": "EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/" }, { "reference_url": "https://vuldb.com/?id.211919", "reference_id": "?id.211919", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/" } ], "url": "https://vuldb.com/?id.211919" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/", "reference_id": "XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584056?format=api", "purl": "pkg:deb/debian/exim4@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922057?format=api", "purl": "pkg:deb/debian/exim4@4.96-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3620" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q8zm-fhfq-sfan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45513?format=api", "vulnerability_id": "VCID-qr4y-643y-dqdz", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31312", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31841", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31673", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31545", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31463", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31896", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31925", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31889", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31868", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35681", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28010" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qr4y-643y-dqdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56929?format=api", "vulnerability_id": "VCID-qupq-a4jw-bbhh", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94336", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94327", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94331", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94289", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94306", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94307", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94308", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94323", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94328", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241538", "reference_id": "2241538", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241538" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1468/", "reference_id": "ZDI-23-1468", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-03T17:07:34Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1468/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583814?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583815?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/583816?format=api", "purl": "pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-42114" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qupq-a4jw-bbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45523?format=api", "vulnerability_id": "VCID-qyqw-2gga-m3c6", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95423", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95408", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.9566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95662", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95663", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95664", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95679", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.9563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95638", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020" }, { "reference_url": "https://security.archlinux.org/AVG-1912", "reference_id": "AVG-1912", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1912" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585471?format=api", "purl": "pkg:deb/debian/exim4@4.92~RC5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92~RC5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28020" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qyqw-2gga-m3c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49994?format=api", "vulnerability_id": "VCID-raam-5am9-hbef", "summary": "A vulnerability in Exim could allow a remote attacker to execute\n arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99879", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.9988", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99877", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149" }, { "reference_url": "http://www.securityfocus.com/bid/108679", "reference_id": "108679", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.securityfocus.com/bid/108679" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715237", "reference_id": "1715237", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715237" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/05/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/05/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/26/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jun/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://seclists.org/bugtraq/2019/Jun/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/25/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/25/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7" }, { "reference_url": "https://security.archlinux.org/AVG-982", "reference_id": "AVG-982", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-982" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt" }, { "reference_url": "https://lwn.net/Articles/790553/", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://lwn.net/Articles/790553/" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb" }, { "reference_url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt", "reference_id": "CVE-2019-10149.txt", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4456", "reference_id": "dsa-4456", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4456" }, { "reference_url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html", "reference_id": "Exim-4.91-Local-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html", "reference_id": "Exim-4.91-Local-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html", "reference_id": "Exim-4.9.1-Remote-Command-Execution.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html" }, { "reference_url": "https://security.gentoo.org/glsa/201906-01", "reference_id": "GLSA-201906-01", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://security.gentoo.org/glsa/201906-01" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149", "reference_id": "show_bug.cgi?id=CVE-2019-10149", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149" }, { "reference_url": "https://usn.ubuntu.com/4010-1/", "reference_id": "USN-4010-1", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://usn.ubuntu.com/4010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586777?format=api", "purl": "pkg:deb/debian/exim4@4.92~RC3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92~RC3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-10149" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-raam-5am9-hbef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50407?format=api", "vulnerability_id": "VCID-rfam-rzrr-abhb", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1764.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0353", "scoring_system": "epss", "scoring_elements": "0.87605", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0353", "scoring_system": "epss", "scoring_elements": "0.87614", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0353", "scoring_system": "epss", "scoring_elements": "0.87628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89356", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89372", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89385", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89393", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.8939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89407", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89412", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89414", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04718", "scoring_system": "epss", "scoring_elements": "0.89422", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670", "reference_id": "624670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=702474", "reference_id": "702474", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=702474" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1130-1/", "reference_id": "USN-1130-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1130-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582228?format=api", "purl": "pkg:deb/debian/exim4@4.75-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.75-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1764" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rfam-rzrr-abhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45519?format=api", "vulnerability_id": "VCID-rgkw-1sqv-d7hx", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35138", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35596", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35358", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35337", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35606", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35684", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35618", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39752", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39774", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39604", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgkw-1sqv-d7hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57177?format=api", "vulnerability_id": "VCID-rrea-52kb-3qf1", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98934", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98925", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98928", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98914", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98916", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9892", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98922", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944" }, { "reference_url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4053" }, { "reference_url": "https://www.exploit-db.com/exploits/43184/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43184/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.securitytracker.com/id/1039873", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517684", "reference_id": "1517684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517684" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671", "reference_id": "882671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2201", "reference_id": "CVE-2017-16944", "reference_type": "exploit", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=2201" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt", "reference_id": "CVE-2017-16944", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16944", "reference_id": "CVE-2017-16944", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16944" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://usn.ubuntu.com/3499-1/", "reference_id": "USN-3499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585463?format=api", "purl": "pkg:deb/debian/exim4@4.89-13?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-16944" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrea-52kb-3qf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50408?format=api", "vulnerability_id": "VCID-sam4-h21q-dkej", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090963.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090963.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.html" }, { "reference_url": "http://osvdb.org/86616", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/86616" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5671.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5671.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97096", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97044", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97055", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97056", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97065", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.9707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97081", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97084", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97088", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97089", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97092", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.35729", "scoring_system": "epss", "scoring_elements": "0.97093", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671" }, { "reference_url": "http://secunia.com/advisories/51098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51098" }, { "reference_url": "http://secunia.com/advisories/51115", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51115" }, { "reference_url": "http://secunia.com/advisories/51153", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51153" }, { "reference_url": "http://secunia.com/advisories/51155", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51155" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79615" }, { "reference_url": "https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2566", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2012/dsa-2566" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/10/26/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/10/26/5" }, { "reference_url": "http://www.securityfocus.com/bid/56285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/56285" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1618-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1618-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=869953", "reference_id": "869953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869953" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5671", "reference_id": "CVE-2012-5671", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5671" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://usn.ubuntu.com/1618-1/", "reference_id": "USN-1618-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1618-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583315?format=api", "purl": "pkg:deb/debian/exim4@4.80-5.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.80-5.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-5671" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sam4-h21q-dkej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56939?format=api", "vulnerability_id": "VCID-stsb-pwen-87g7", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81921", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81944", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81955", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8199", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81992", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82015", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82026", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82031", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8205", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387", "reference_id": "1059387", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6611-1/", "reference_id": "USN-6611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6611-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584972?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/584973?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/584974?format=api", "purl": "pkg:deb/debian/exim4@4.97-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-51766" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-stsb-pwen-87g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45522?format=api", "vulnerability_id": "VCID-swer-ztd6-nkga", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82115", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82889", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.8288", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.8292", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82942", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82952", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82957", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82977", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82866", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28019" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swer-ztd6-nkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86269?format=api", "vulnerability_id": "VCID-teft-hqz3-7ubr", "summary": "exim: remote arbitrary code execution via DMARC code parsing", "references": [ { "reference_url": "http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2957.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82967", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82911", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82932", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82942", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82947", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82857", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.8288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82875", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.8291", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.82909", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02176", "scoring_system": "epss", "scoring_elements": "0.84279", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02176", "scoring_system": "epss", "scoring_elements": "0.84298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02176", "scoring_system": "epss", "scoring_elements": "0.84266", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2957" }, { "reference_url": "https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101725", "reference_id": "1101725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101725" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2957", "reference_id": "CVE-2014-2957", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2957" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586749?format=api", "purl": "pkg:deb/debian/exim4@4.82.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.82.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2957" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-teft-hqz3-7ubr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45516?format=api", "vulnerability_id": "VCID-tpt6-ze4u-a7dt", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35376", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3561", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35492", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35846", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3586", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39882", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28013" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tpt6-ze4u-a7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89316?format=api", "vulnerability_id": "VCID-u1km-244u-qugh", "summary": "security flaw", "references": [ { "reference_url": "http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0021.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86213", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86094", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86111", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.8611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86129", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86155", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86154", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.8615", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86167", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86172", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86163", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86184", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02817", "scoring_system": "epss", "scoring_elements": "0.86194", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0021" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200501-23.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200501-23.xml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347" }, { "reference_url": "http://www.debian.org/security/2005/dsa-635", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2005/dsa-635" }, { "reference_url": "http://www.debian.org/security/2005/dsa-637", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2005/dsa-637" }, { "reference_url": "http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html" }, { "reference_url": "http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities" }, { "reference_url": "http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities" }, { "reference_url": "http://www.kb.cert.org/vuls/id/132992", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/132992" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2005-025.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617439", "reference_id": "1617439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617439" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0021", "reference_id": "CVE-2005-0021", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0021" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1009.c", "reference_id": "OSVDB-12946;CVE-2005-0021", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1009.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/756.c", "reference_id": "OSVDB-12946;CVE-2005-0021", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/756.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:025", "reference_id": "RHSA-2005:025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:025" }, { "reference_url": "https://usn.ubuntu.com/56-1/", "reference_id": "USN-56-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/56-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/584854?format=api", "purl": "pkg:deb/debian/exim4@4.34-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.34-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0021" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1km-244u-qugh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79757?format=api", "vulnerability_id": "VCID-ujms-hna1-z7e6", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86383", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.864", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86963", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.8697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86992", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.8699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87008", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87013", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87015", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87035", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836362", "reference_id": "1836362", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836362" }, { "reference_url": "https://usn.ubuntu.com/4366-1/", "reference_id": "USN-4366-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4366-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586780?format=api", "purl": "pkg:deb/debian/exim4@4.93-16?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.93-16%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12783" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujms-hna1-z7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45518?format=api", "vulnerability_id": "VCID-v1t8-y73h-vyee", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34597", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35068", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34836", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34818", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35147", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35117", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39003", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28015" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1t8-y73h-vyee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40023?format=api", "vulnerability_id": "VCID-vykx-t8yc-tycc", "summary": "A local attacker could execute arbitrary code by providing\n unsanitized data to a data source or escalate privileges.", "references": [ { "reference_url": "http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2972.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2972.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2972", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43609", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43858", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43902", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43855", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43939", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.4393", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43862", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43814", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43816", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43736", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2972", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2972" }, { "reference_url": "https://lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html" }, { "reference_url": "https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2933-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2933-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122552", "reference_id": "1122552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122552" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2972", "reference_id": "CVE-2014-2972", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2972" }, { "reference_url": "https://security.gentoo.org/glsa/201607-12", "reference_id": "GLSA-201607-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-12" }, { "reference_url": "https://usn.ubuntu.com/2933-1/", "reference_id": "USN-2933-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2933-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586276?format=api", "purl": "pkg:deb/debian/exim4@4.82.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.82.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-2972" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vykx-t8yc-tycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39285?format=api", "vulnerability_id": "VCID-x7cz-svaj-rkb5", "summary": "A vulnerability in Exim may allow local users to gain root\n privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54139", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54156", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54186", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5416", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54208", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54262", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54243", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54222", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54198", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54146", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457748", "reference_id": "1457748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457748" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://security.gentoo.org/glsa/201709-19", "reference_id": "GLSA-201709-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-19" }, { "reference_url": "https://usn.ubuntu.com/3322-1/", "reference_id": "USN-3322-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3322-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586822?format=api", "purl": "pkg:deb/debian/exim4@4.89-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000369" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7cz-svaj-rkb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50403?format=api", "vulnerability_id": "VCID-ynbw-8a6a-sug8", "summary": "Multiple vulnerabilities were found in Exim, the worst of which\n leading to remote execution of arbitrary code with root privileges.", "references": [ { "reference_url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70" }, { "reference_url": "http://atmail.com/blog/2010/atmail-6204-now-available/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://atmail.com/blog/2010/atmail-6204-now-available/" }, { "reference_url": "http://bugs.exim.org/show_bug.cgi?id=787", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://bugs.exim.org/show_bug.cgi?id=787" }, { "reference_url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b" }, { "reference_url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2010/12/10/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://openwall.com/lists/oss-security/2010/12/10/1" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4344.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53064", "scoring_system": "epss", "scoring_elements": "0.97968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.53064", "scoring_system": "epss", "scoring_elements": "0.97966", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.53064", "scoring_system": "epss", "scoring_elements": "0.97979", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.53064", "scoring_system": "epss", "scoring_elements": "0.97972", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98312", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98314", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98317", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98325", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.61461", "scoring_system": "epss", "scoring_elements": "0.98333", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4344" }, { "reference_url": "http://secunia.com/advisories/40019", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://secunia.com/advisories/40019" }, { "reference_url": "http://secunia.com/advisories/42576", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://secunia.com/advisories/42576" }, { "reference_url": "http://secunia.com/advisories/42586", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://secunia.com/advisories/42586" }, { "reference_url": "http://secunia.com/advisories/42587", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://secunia.com/advisories/42587" }, { "reference_url": "http://secunia.com/advisories/42589", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://secunia.com/advisories/42589" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4344" }, { "reference_url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2131", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.debian.org/security/2010/dsa-2131" }, { "reference_url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html" }, { "reference_url": "http://www.kb.cert.org/vuls/id/682457", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.kb.cert.org/vuls/id/682457" }, { "reference_url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.osvdb.org/69685", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.osvdb.org/69685" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0970.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.securityfocus.com/archive/1/515172/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/45308", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.securityfocus.com/bid/45308" }, { "reference_url": "http://www.securitytracker.com/id?1024858", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.securitytracker.com/id?1024858" }, { "reference_url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1032-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.ubuntu.com/usn/USN-1032-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3171", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3171" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3172", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3172" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3181", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3181" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3186", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3186" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3204", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3204" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3246", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3246" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3317", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "http://www.vupen.com/english/advisories/2010/3317" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606612", "reference_id": "606612", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606612" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756", "reference_id": "661756", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661756" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4344", "reference_id": "CVE-2010-4344", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4344" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15725.pl", "reference_id": "CVE-2010-4344;OSVDB-69685", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15725.pl" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16925.rb", "reference_id": "CVE-2010-4345;CVE-2010-4344;OSVDB-69685", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16925.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201401-32", "reference_id": "GLSA-201401-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0970", "reference_id": "RHSA-2010:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0970" }, { "reference_url": "https://usn.ubuntu.com/1032-1/", "reference_id": "USN-1032-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1032-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586010?format=api", "purl": "pkg:deb/debian/exim4@4.70-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.70-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4344" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ynbw-8a6a-sug8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48312?format=api", "vulnerability_id": "VCID-yytq-tcvz-43dq", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95415", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95424", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95443", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95448", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9545", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95459", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95464", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95468", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95469", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9547", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9548", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731412", "reference_id": "1731412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731412" }, { "reference_url": "https://security.archlinux.org/ASA-201908-4", "reference_id": "ASA-201908-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-4" }, { "reference_url": "https://security.archlinux.org/AVG-1011", "reference_id": "AVG-1011", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1011" }, { "reference_url": "https://security.gentoo.org/glsa/201909-06", "reference_id": "GLSA-201909-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-06" }, { "reference_url": "https://usn.ubuntu.com/4075-1/", "reference_id": "USN-4075-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4075-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/586071?format=api", "purl": "pkg:deb/debian/exim4@4.92-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-13917" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yytq-tcvz-43dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45529?format=api", "vulnerability_id": "VCID-z51d-zdeq-suas", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88462", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88952", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88964", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88957", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.8897", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88968", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88981", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88989", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88996", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88947", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583054?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582229?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582230?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582231?format=api", "purl": "pkg:deb/debian/exim4@4.98.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582232?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081514?format=api", "purl": "pkg:deb/debian/exim4@4.99.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088665?format=api", "purl": "pkg:deb/debian/exim4@4.99.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-28024" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z51d-zdeq-suas" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie" }