Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1082015?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1082015?format=api", "purl": "pkg:deb/debian/bash@4.3-11%2Bdeb8u1", "type": "deb", "namespace": "debian", "name": "bash", "version": "4.3-11+deb8u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "5.2.15-2", "latest_non_vulnerable_version": "5.2.15-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6623?format=api", "vulnerability_id": "VCID-2ant-qsbm-37d9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18276.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18276.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18276", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.50225", "scoring_system": "epss", "scoring_elements": "0.97902", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.50225", "scoring_system": "epss", "scoring_elements": "0.97893", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778309", "reference_id": "1778309", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778309" }, { "reference_url": "https://security.gentoo.org/glsa/202105-34", "reference_id": "202105-34", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://security.gentoo.org/glsa/202105-34" }, { "reference_url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff", "reference_id": "951bdaad7a18cc0dc1036bba86b18b90874d39ff", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff" }, { "reference_url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html", "reference_id": "Bash-5.0-Patch-11-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "cpuapr2022.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200430-0003/", "reference_id": "ntap-20200430-0003", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200430-0003/" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "reference_id": "rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1679", "reference_id": "RHSA-2021:1679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1679" }, { "reference_url": "https://usn.ubuntu.com/5380-1/", "reference_id": "USN-5380-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5380-1/" }, { "reference_url": "https://www.youtube.com/watch?v=-wGtxJ8opa8", "reference_id": "watch?v=-wGtxJ8opa8", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-09T15:50:29Z/" } ], "url": "https://www.youtube.com/watch?v=-wGtxJ8opa8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1079129?format=api", "purl": "pkg:deb/debian/bash@5.1-2%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ccw7-5c23-bfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1" } ], "aliases": [ "CVE-2019-18276" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ant-qsbm-37d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7426?format=api", "vulnerability_id": "VCID-6sdv-wm7w-kbd5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9924.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55424", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55545", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", "reference_id": "1691774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1113", "reference_id": "RHSA-2020:1113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3474", "reference_id": "RHSA-2020:3474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3592", "reference_id": "RHSA-2020:3592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3803", "reference_id": "RHSA-2020:3803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3803" }, { "reference_url": "https://usn.ubuntu.com/4058-1/", "reference_id": "USN-4058-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4058-1/" }, { "reference_url": "https://usn.ubuntu.com/4058-2/", "reference_id": "USN-4058-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4058-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1082016?format=api", "purl": "pkg:deb/debian/bash@4.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ant-qsbm-37d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5" } ], "aliases": [ "CVE-2019-9924" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6sdv-wm7w-kbd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2109?format=api", "vulnerability_id": "VCID-6u87-8gdp-kff5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12661", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12752", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396383", "reference_id": "1396383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396383" }, { "reference_url": "https://security.gentoo.org/glsa/201701-02", "reference_id": "201701-02", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "https://security.gentoo.org/glsa/201701-02" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/11/17/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/11/17/5" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844727", "reference_id": "844727", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844727" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/11/17/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/11/17/9" }, { "reference_url": "http://www.securityfocus.com/bid/94398", "reference_id": "94398", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "http://www.securityfocus.com/bid/94398" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0725", "reference_id": "RHSA-2017:0725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0725" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0725.html", "reference_id": "RHSA-2017-0725.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0725.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1931", "reference_id": "RHSA-2017:1931", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-06T21:11:48Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1931" }, { "reference_url": "https://usn.ubuntu.com/3294-1/", "reference_id": "USN-3294-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3294-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1082016?format=api", "purl": "pkg:deb/debian/bash@4.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ant-qsbm-37d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5" } ], "aliases": [ "CVE-2016-9401" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6u87-8gdp-kff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3680?format=api", "vulnerability_id": "VCID-9rdp-azhv-63fd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45861", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46006", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420674", "reference_id": "1420674", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420674" }, { "reference_url": "https://usn.ubuntu.com/3294-1/", "reference_id": "USN-3294-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3294-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1082016?format=api", "purl": "pkg:deb/debian/bash@4.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ant-qsbm-37d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5" } ], "aliases": [ "CVE-2017-5932" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rdp-azhv-63fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1843?format=api", "vulnerability_id": "VCID-jkzr-5ga8-1kh1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26894", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27096", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7543" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379630", "reference_id": "1379630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0725", "reference_id": "RHSA-2017:0725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1931", "reference_id": "RHSA-2017:1931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1931" }, { "reference_url": "https://usn.ubuntu.com/3294-1/", "reference_id": "USN-3294-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3294-1/" }, { "reference_url": "https://usn.ubuntu.com/3294-2/", "reference_id": "USN-3294-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3294-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1082016?format=api", "purl": "pkg:deb/debian/bash@4.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ant-qsbm-37d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5" } ], "aliases": [ "CVE-2016-7543" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jkzr-5ga8-1kh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/694?format=api", "vulnerability_id": "VCID-pddx-ctd3-6bbd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0634.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03691", "scoring_system": "epss", "scoring_elements": "0.88244", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03691", "scoring_system": "epss", "scoring_elements": "0.88204", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0634" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/20/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/18/11", "reference_id": "11", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/18/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/16/12", "reference_id": "12", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/16/12" }, { "reference_url": "https://security.gentoo.org/glsa/201612-39", "reference_id": "201612-39", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "https://security.gentoo.org/glsa/201612-39" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/29/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/29/27" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/10/10/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/10/10/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/10/10/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/10/10/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/10/07/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/10/07/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/19/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/19/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/16/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/16/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/09/27/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/09/27/9" }, { "reference_url": "http://www.securityfocus.com/bid/92999", "reference_id": "92999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://www.securityfocus.com/bid/92999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0725", "reference_id": "RHSA-2017:0725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0725" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0725.html", "reference_id": "RHSA-2017-0725.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0725.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1931", "reference_id": "RHSA-2017:1931", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377613", "reference_id": "show_bug.cgi?id=1377613", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:15Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377613" }, { "reference_url": "https://usn.ubuntu.com/3294-1/", "reference_id": "USN-3294-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3294-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1082016?format=api", "purl": "pkg:deb/debian/bash@4.4-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ant-qsbm-37d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.4-5" } ], "aliases": [ "CVE-2016-0634" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pddx-ctd3-6bbd" } ], "fixing_vulnerabilities": [], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.3-11%252Bdeb8u1" }