Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/196950?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "matomo", "version": "5.3.1+dfsg-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0", "latest_non_vulnerable_version": "5.8.0-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66487?format=api", "vulnerability_id": "VCID-2aqx-we3j-rybv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6657", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2786" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2786" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2aqx-we3j-rybv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69149?format=api", "vulnerability_id": "VCID-4mcg-tyw5-zbhh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.4976", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0398" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0398" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mcg-tyw5-zbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/137852?format=api", "vulnerability_id": "VCID-6jry-bx33-suh9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.4387", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12215" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-12215" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jry-bx33-suh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68821?format=api", "vulnerability_id": "VCID-96kx-sctq-q7an", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72423", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0004" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0004" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-96kx-sctq-q7an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69151?format=api", "vulnerability_id": "VCID-97qx-yu3h-yfez", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58221", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0400" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0400" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97qx-yu3h-yfez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69150?format=api", "vulnerability_id": "VCID-9at6-8ykc-gfdx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60214", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0399" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0399" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9at6-8ykc-gfdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65241?format=api", "vulnerability_id": "VCID-cbqq-8qua-8qd3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1453", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02055", "scoring_system": "epss", "scoring_elements": "0.84175", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1453" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33814.txt", "reference_id": "CVE-2010-1453;OSVDB-64359", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33814.txt" }, { "reference_url": "https://www.securityfocus.com/bid/39144/info", "reference_id": "CVE-2010-1453;OSVDB-64359", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/39144/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1453" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbqq-8qua-8qd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60026?format=api", "vulnerability_id": "VCID-eepd-vyxv-x3hx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1085", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49566", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1085" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1085" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eepd-vyxv-x3hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16246?format=api", "vulnerability_id": "VCID-ftxv-cf66-fqby", "summary": "Piwik (now Matomo) Reveals Sensitive Information by Accepting Input from `POST` Requests\nPiwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49341", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2633" }, { "reference_url": "https://github.com/matomo-org/matomo", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matomo-org/matomo" }, { "reference_url": "https://web.archive.org/web/20130313093839/http://piwik.org/blog/2013/03/piwik-1-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20130313093839/http://piwik.org/blog/2013/03/piwik-1-11" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2633", "reference_id": "CVE-2013-2633", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2633" }, { "reference_url": "https://github.com/advisories/GHSA-v8h8-93mx-82h5", "reference_id": "GHSA-v8h8-93mx-82h5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v8h8-93mx-82h5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2633", "GHSA-v8h8-93mx-82h5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftxv-cf66-fqby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62881?format=api", "vulnerability_id": "VCID-ghky-ke52-9ud1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91085", "scoring_system": "epss", "scoring_elements": "0.99659", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4140" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29091.txt", "reference_id": "CVE-2011-4275;CVE-2009-4140;OSVDB-59051", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29091.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29210.rb", "reference_id": "CVE-2011-4275;OSVDB-59051;CVE-2009-4140", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29210.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10532.txt", "reference_id": "CVE-2011-4275;OSVDB-59051;CVE-2009-4140", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10532.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24969.txt", "reference_id": "CVE-2011-4275;OSVDB-59051;CVE-2009-4140", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24969.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/24529.rb", "reference_id": "OSVDB-90222;CVE-2011-4275;CVE-2009-4140;OSVDB-59051", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/24529.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24492.php", "reference_id": "OSVDB-90222;CVE-2011-4275;CVE-2009-4140;OSVDB-59051", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/24492.php" }, { "reference_url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5126.php", "reference_id": "OSVDB-90222;CVE-2011-4275;CVE-2009-4140;OSVDB-59051", "reference_type": "exploit", "scores": [], "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5126.php" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4140" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghky-ke52-9ud1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78678?format=api", "vulnerability_id": "VCID-ht8u-v8ep-uudj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0194", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64957", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0194" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0194" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ht8u-v8ep-uudj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98796?format=api", "vulnerability_id": "VCID-jbm7-9uag-kbhf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7815", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01351", "scoring_system": "epss", "scoring_elements": "0.80407", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7815" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7815" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jbm7-9uag-kbhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78677?format=api", "vulnerability_id": "VCID-jpuy-xz3s-e7b7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64957", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0193" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0193" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jpuy-xz3s-e7b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69152?format=api", "vulnerability_id": "VCID-k55e-kgkn-73dr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79146", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0401" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0401" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k55e-kgkn-73dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/294928?format=api", "vulnerability_id": "VCID-py6n-5yzy-wygv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-34104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.7356", "scoring_system": "epss", "scoring_elements": "0.98832", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-34104" }, { "reference_url": "https://matomo.org/faq/plugins/faq_21/", "reference_id": "faq_21", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T13:34:41Z/" } ], "url": "https://matomo.org/faq/plugins/faq_21/" }, { "reference_url": "https://matomo.org/changelog/piwik-3-0-3/", "reference_id": "piwik-3-0-3", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T13:34:41Z/" } ], "url": "https://matomo.org/changelog/piwik-3-0-3/" }, { "reference_url": "https://www.vulncheck.com/advisories/piwik-authenticated-rce-via-custom-plugin-upload", "reference_id": "piwik-authenticated-rce-via-custom-plugin-upload", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T13:34:41Z/" } ], "url": "https://www.vulncheck.com/advisories/piwik-authenticated-rce-via-custom-plugin-upload" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/piwik_superuser_plugin_upload.rb", "reference_id": "piwik_superuser_plugin_upload.rb", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T13:34:41Z/" } ], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/piwik_superuser_plugin_upload.rb" }, { "reference_url": "https://firefart.at/post/turning_piwik_superuser_creds_into_rce/", "reference_id": "turning_piwik_superuser_creds_into_rce", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T13:34:41Z/" } ], "url": "https://firefart.at/post/turning_piwik_superuser_creds_into_rce/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-34104" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-py6n-5yzy-wygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15966?format=api", "vulnerability_id": "VCID-q76g-jdmt-zfa3", "summary": "Piwik (now Matomo) Vulnerable to Arbitrary Code Execution\nUnspecified vulnerability in Piwik 1.2 through 1.4 allows remote attackers with the view permission to execute arbitrary code via unknown attack vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80761", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4941" }, { "reference_url": "https://github.com/matomo-org/matomo", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matomo-org/matomo" }, { "reference_url": "https://web.archive.org/web/20110626223028/http://piwik.org/blog/2011/06/piwik-1-5-security-advisory", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110626223028/http://piwik.org/blog/2011/06/piwik-1-5-security-advisory" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/18/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/03/18/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/19/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/03/19/8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4941", "reference_id": "CVE-2011-4941", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4941" }, { "reference_url": "https://github.com/advisories/GHSA-2qr8-h6pq-m27v", "reference_id": "GHSA-2qr8-h6pq-m27v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2qr8-h6pq-m27v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4941", "GHSA-2qr8-h6pq-m27v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q76g-jdmt-zfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78679?format=api", "vulnerability_id": "VCID-uxfm-cu4d-bqhn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64957", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0195" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0195" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxfm-cu4d-bqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98797?format=api", "vulnerability_id": "VCID-v6ua-9ww4-4qb8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62419", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7816" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-7816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ua-9ww4-4qb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62878?format=api", "vulnerability_id": "VCID-wq1n-dq4p-n7e8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04884", "scoring_system": "epss", "scoring_elements": "0.89738", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4137" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4137" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wq1n-dq4p-n7e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15870?format=api", "vulnerability_id": "VCID-zvwh-8431-f7a3", "summary": "Piwik (now Matomo) Vulnerable to Cross-Site Scripting (XSS)\nCross-site scripting (XSS) vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45336", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1844" }, { "reference_url": "https://github.com/matomo-org/matomo", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matomo-org/matomo" }, { "reference_url": "https://web.archive.org/web/20130313093839/http://piwik.org/blog/2013/03/piwik-1-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20130313093839/http://piwik.org/blog/2013/03/piwik-1-11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/03/12/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/03/12/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1844", "reference_id": "CVE-2013-1844", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1844" }, { "reference_url": "https://github.com/advisories/GHSA-5fpj-6vq6-fmwh", "reference_id": "GHSA-5fpj-6vq6-fmwh", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5fpj-6vq6-fmwh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1844", "GHSA-5fpj-6vq6-fmwh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvwh-8431-f7a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77106?format=api", "vulnerability_id": "VCID-zxa4-xkb6-pyhr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48959", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4541" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196949?format=api", "purl": "pkg:deb/debian/matomo@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196950?format=api", "purl": "pkg:deb/debian/matomo@5.3.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196948?format=api", "purl": "pkg:deb/debian/matomo@5.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.8.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-4541" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxa4-xkb6-pyhr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matomo@5.3.1%252Bdfsg-1%3Fdistro=trixie" }