Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/219040?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/219040?format=api", "purl": "pkg:deb/debian/openafs@1.3.81-3sarge3", "type": "deb", "namespace": "debian", "name": "openafs", "version": "1.3.81-3sarge3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.8.9-1+deb12u1", "latest_non_vulnerable_version": "1.8.9-1+deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96158?format=api", "vulnerability_id": "VCID-1fpz-k79d-t3bs", "summary": "An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58208", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58257", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58265", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58255", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5824", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515584?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/519138?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16948" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1fpz-k79d-t3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96145?format=api", "vulnerability_id": "VCID-1xfw-vv5d-93b5", "summary": "pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19616", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19693", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19689", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19645", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19577", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302706?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-3284" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xfw-vv5d-93b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96143?format=api", "vulnerability_id": "VCID-1yg1-xvt5-yugp", "summary": "vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64986", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65029", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65039", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65027", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65015", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302706?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-3282" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yg1-xvt5-yugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96152?format=api", "vulnerability_id": "VCID-3jm4-2n5b-5ygs", "summary": "Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12309", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12392", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12393", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12357", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12276", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2860" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/304073?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-8312" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3jm4-2n5b-5ygs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96165?format=api", "vulnerability_id": "VCID-4nqz-pqv7-xkeu", "summary": "A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4781", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47813", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47794", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47765", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt", "reference_id": "OPENAFS-SA-2024-003.txt", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:46:42Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/774443?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10397" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqz-pqv7-xkeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96161?format=api", "vulnerability_id": "VCID-5ksv-vbwy-gygz", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6181", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61859", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61867", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61856", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61841", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18602" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582834?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18602" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ksv-vbwy-gygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96156?format=api", "vulnerability_id": "VCID-7693-4ytg-h7c7", "summary": "OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79547", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79573", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79579", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01235", "scoring_system": "epss", "scoring_elements": "0.79563", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-17432" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17432" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883602", "reference_id": "883602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/304073?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/515584?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/519138?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-17432" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7693-4ytg-h7c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96139?format=api", "vulnerability_id": "VCID-78ha-yjbm-8bca", "summary": "Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01389", "scoring_system": "epss", "scoring_elements": "0.80683", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01389", "scoring_system": "epss", "scoring_elements": "0.8071", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01389", "scoring_system": "epss", "scoring_elements": "0.80713", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01389", "scoring_system": "epss", "scoring_elements": "0.80709", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01389", "scoring_system": "epss", "scoring_elements": "0.80706", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302705?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-0159" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78ha-yjbm-8bca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96131?format=api", "vulnerability_id": "VCID-79rk-s436-rbh1", "summary": "Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02959", "scoring_system": "epss", "scoring_elements": "0.86739", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02959", "scoring_system": "epss", "scoring_elements": "0.86762", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02959", "scoring_system": "epss", "scoring_elements": "0.8676", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02959", "scoring_system": "epss", "scoring_elements": "0.86757", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02959", "scoring_system": "epss", "scoring_elements": "0.86747", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0430" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" } ], "aliases": [ "CVE-2011-0430" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79rk-s436-rbh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96155?format=api", "vulnerability_id": "VCID-82ab-dv8d-9bfv", "summary": "OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50068", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50129", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50138", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50123", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50094", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9772" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846922", "reference_id": "846922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846922" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515584?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-9772" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82ab-dv8d-9bfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96128?format=api", "vulnerability_id": "VCID-9tr8-64hh-9kdp", "summary": "The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05847", "scoring_system": "epss", "scoring_elements": "0.90712", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05847", "scoring_system": "epss", "scoring_elements": "0.90725", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.05847", "scoring_system": "epss", "scoring_elements": "0.90724", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05847", "scoring_system": "epss", "scoring_elements": "0.90722", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.05847", "scoring_system": "epss", "scoring_elements": "0.90719", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1250" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1250", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1250" }, { "reference_url": "https://security.gentoo.org/glsa/201101-05", "reference_id": "GLSA-201101-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201101-05" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219047?format=api", "purl": "pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-79rk-s436-rbh1" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-dtye-ub63-ekf4" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-m6d1-s7w9-7qbv" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-z151-brjq-yuht" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.12.1%252Bdfsg-4%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1250" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tr8-64hh-9kdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96129?format=api", "vulnerability_id": "VCID-a4wg-mgba-f7ds", "summary": "Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09904", "scoring_system": "epss", "scoring_elements": "0.93151", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09904", "scoring_system": "epss", "scoring_elements": "0.93162", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.09904", "scoring_system": "epss", "scoring_elements": "0.93161", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.09904", "scoring_system": "epss", "scoring_elements": "0.93158", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.09904", "scoring_system": "epss", "scoring_elements": "0.93156", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1251" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1251" }, { "reference_url": "https://security.gentoo.org/glsa/201101-05", "reference_id": "GLSA-201101-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201101-05" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219047?format=api", "purl": "pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-79rk-s436-rbh1" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-dtye-ub63-ekf4" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-m6d1-s7w9-7qbv" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-z151-brjq-yuht" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.12.1%252Bdfsg-4%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1251" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a4wg-mgba-f7ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96150?format=api", "vulnerability_id": "VCID-anxg-fktu-pfcu", "summary": "rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64986", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65029", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65039", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65027", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65015", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7763" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/304073?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-7762" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-anxg-fktu-pfcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96127?format=api", "vulnerability_id": "VCID-b9m1-xt9p-myhn", "summary": "Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01514", "scoring_system": "epss", "scoring_elements": "0.81545", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01514", "scoring_system": "epss", "scoring_elements": "0.81573", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01514", "scoring_system": "epss", "scoring_elements": "0.81576", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01514", "scoring_system": "epss", "scoring_elements": "0.81575", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01514", "scoring_system": "epss", "scoring_elements": "0.81567", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6599" }, { "reference_url": "https://security.gentoo.org/glsa/200801-04", "reference_id": "GLSA-200801-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200801-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219046?format=api", "purl": "pkg:deb/debian/openafs@1.4.7.dfsg1-6%2Blenny4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-79rk-s436-rbh1" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-9tr8-64hh-9kdp" }, { "vulnerability": "VCID-a4wg-mgba-f7ds" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-dtye-ub63-ekf4" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-m6d1-s7w9-7qbv" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-z151-brjq-yuht" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.7.dfsg1-6%252Blenny4" } ], "aliases": [ "CVE-2007-6599" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9m1-xt9p-myhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96137?format=api", "vulnerability_id": "VCID-bu6u-mgss-jyhg", "summary": "The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51911", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51971", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5198", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51959", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51928", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4135" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302705?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2" } ], "aliases": [ "CVE-2013-4135" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bu6u-mgss-jyhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96153?format=api", "vulnerability_id": "VCID-cf6s-k59z-6ueb", "summary": "The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48732", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48793", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48802", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48783", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48753", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2860" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/304073?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-2860" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf6s-k59z-6ueb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96134?format=api", "vulnerability_id": "VCID-dtye-ub63-ekf4", "summary": "Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02115", "scoring_system": "epss", "scoring_elements": "0.84433", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02115", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02115", "scoring_system": "epss", "scoring_elements": "0.84459", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02115", "scoring_system": "epss", "scoring_elements": "0.84452", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02115", "scoring_system": "epss", "scoring_elements": "0.8444", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1795" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" } ], "aliases": [ "CVE-2013-1795" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtye-ub63-ekf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96159?format=api", "vulnerability_id": "VCID-edpv-p5uh-77he", "summary": "An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values and consume server resources waiting for those inputs, denying service to other valid connections.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.8944", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89458", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89457", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04608", "scoring_system": "epss", "scoring_elements": "0.89456", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515584?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/519138?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16949" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-edpv-p5uh-77he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96146?format=api", "vulnerability_id": "VCID-effs-dv1k-rkaf", "summary": "The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23762", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23855", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2384", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23791", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23738", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302706?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-3285" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-effs-dv1k-rkaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96141?format=api", "vulnerability_id": "VCID-fp5n-tqx6-b7g1", "summary": "OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00603", "scoring_system": "epss", "scoring_elements": "0.69934", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00603", "scoring_system": "epss", "scoring_elements": "0.69974", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00603", "scoring_system": "epss", "scoring_elements": "0.69983", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00603", "scoring_system": "epss", "scoring_elements": "0.6997", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00603", "scoring_system": "epss", "scoring_elements": "0.69958", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/302705?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-4044" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fp5n-tqx6-b7g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96164?format=api", "vulnerability_id": "VCID-h3xe-yaja-vbds", "summary": "An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40119", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40172", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40176", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40147", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10396" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-002.txt", "reference_id": "OPENAFS-SA-2024-002.txt", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:58:56Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-002.txt" }, { "reference_url": "https://www.openafs.org/security", "reference_id": "security", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:58:56Z/" } ], "url": "https://www.openafs.org/security" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/774443?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10396" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3xe-yaja-vbds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96160?format=api", "vulnerability_id": "VCID-j6z8-ka18-xucr", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78404", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78432", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.7844", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.7843", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78418", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18601" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582834?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18601" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6z8-ka18-xucr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96163?format=api", "vulnerability_id": "VCID-m4ch-et4w-5bbq", "summary": "A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03437", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03462", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03475", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03458", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10394" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406", "reference_id": "1087406", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087406" }, { "reference_url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-001.txt", "reference_id": "OPENAFS-SA-2024-001.txt", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:59:42Z/" } ], "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2024-001.txt" }, { "reference_url": "https://www.openafs.org/security", "reference_id": "security", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:59:42Z/" } ], "url": "https://www.openafs.org/security" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/774443?format=api", "purl": "pkg:deb/debian/openafs@1.8.9-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.9-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-10394" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ch-et4w-5bbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96133?format=api", "vulnerability_id": "VCID-m6d1-s7w9-7qbv", "summary": "Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02802", "scoring_system": "epss", "scoring_elements": "0.86389", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02802", "scoring_system": "epss", "scoring_elements": "0.86412", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02802", "scoring_system": "epss", "scoring_elements": "0.86413", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02802", "scoring_system": "epss", "scoring_elements": "0.86409", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02802", "scoring_system": "epss", "scoring_elements": "0.86397", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1794" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" } ], "aliases": [ "CVE-2013-1794" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m6d1-s7w9-7qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96126?format=api", "vulnerability_id": "VCID-mhk5-kb1q-kqdk", "summary": "The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01726", "scoring_system": "epss", "scoring_elements": "0.82776", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01726", "scoring_system": "epss", "scoring_elements": "0.82801", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01726", "scoring_system": "epss", "scoring_elements": "0.82799", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01726", "scoring_system": "epss", "scoring_elements": "0.82798", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01726", "scoring_system": "epss", "scoring_elements": "0.82791", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1507" }, { "reference_url": "https://security.gentoo.org/glsa/200704-03", "reference_id": "GLSA-200704-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200704-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219042?format=api", "purl": "pkg:deb/debian/openafs@1.4.2-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-79rk-s436-rbh1" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-9tr8-64hh-9kdp" }, { "vulnerability": "VCID-a4wg-mgba-f7ds" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-b9m1-xt9p-myhn" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-dtye-ub63-ekf4" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-m6d1-s7w9-7qbv" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-z151-brjq-yuht" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.2-6" } ], "aliases": [ "CVE-2007-1507" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhk5-kb1q-kqdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96154?format=api", "vulnerability_id": "VCID-pr58-m7ms-2ffh", "summary": "The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53215", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53276", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53284", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53267", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53241", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4536" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-4536" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pr58-m7ms-2ffh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96162?format=api", "vulnerability_id": "VCID-rxzv-s7u5-wkbv", "summary": "OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6181", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61859", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61867", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61856", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61841", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18603" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587", "reference_id": "943587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582834?format=api", "purl": "pkg:deb/debian/openafs@1.8.6-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.6-5" } ], "aliases": [ "CVE-2019-18603" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rxzv-s7u5-wkbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96144?format=api", "vulnerability_id": "VCID-tcts-2nv4-8ues", "summary": "OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73854", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73891", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73896", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73882", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73865", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302706?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-3283" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcts-2nv4-8ues" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96140?format=api", "vulnerability_id": "VCID-uw32-c1ap-9yet", "summary": "OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65101", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65144", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65154", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65143", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65131", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302705?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2" } ], "aliases": [ "CVE-2014-2852" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uw32-c1ap-9yet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96149?format=api", "vulnerability_id": "VCID-wccv-q97z-fqc7", "summary": "The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.7056", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70602", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70612", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70594", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70582", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6587" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302706?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-6587" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wccv-q97z-fqc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96135?format=api", "vulnerability_id": "VCID-wyc1-fb71-a3g2", "summary": "OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3553", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35625", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35637", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.356", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35561", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4135" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/302705?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2" } ], "aliases": [ "CVE-2013-4134" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wyc1-fb71-a3g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96151?format=api", "vulnerability_id": "VCID-yyzd-zm5v-13hw", "summary": "rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64986", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65029", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65039", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65027", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65015", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7763" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/304073?format=api", "purl": "pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/515583?format=api", "purl": "pkg:deb/debian/openafs@1.6.18.2-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.18.2-1~bpo8%252B1" } ], "aliases": [ "CVE-2015-7763" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzd-zm5v-13hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96132?format=api", "vulnerability_id": "VCID-z151-brjq-yuht", "summary": "The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71403", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71447", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71454", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71431", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71415", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0431" }, { "reference_url": "https://security.gentoo.org/glsa/201404-05", "reference_id": "GLSA-201404-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201404-05" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219052?format=api", "purl": "pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5" } ], "aliases": [ "CVE-2011-0431" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z151-brjq-yuht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96157?format=api", "vulnerability_id": "VCID-zrrp-jug6-zbgu", "summary": "An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, including dumping/restoring volume contents and manipulating the backup database. For example, an unauthenticated attacker can replace any volume's content with arbitrary data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.8136", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81388", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81391", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81389", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81383", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616", "reference_id": "908616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908616" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515584?format=api", "purl": "pkg:deb/debian/openafs@1.6.20-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.20-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/519138?format=api", "purl": "pkg:deb/debian/openafs@1.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.8.2-1%252Bdeb10u1" } ], "aliases": [ "CVE-2018-16947" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zrrp-jug6-zbgu" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58468?format=api", "vulnerability_id": "VCID-sk3n-sd56-pbhs", "summary": "Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0391.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08258", "scoring_system": "epss", "scoring_elements": "0.9238", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08258", "scoring_system": "epss", "scoring_elements": "0.92381", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08258", "scoring_system": "epss", "scoring_elements": "0.92375", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08258", "scoring_system": "epss", "scoring_elements": "0.92385", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08258", "scoring_system": "epss", "scoring_elements": "0.9239", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0391" }, { "reference_url": "http://archives.neohapsis.com/archives/aix/2002-q4/0002.html", "reference_id": "0002.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://archives.neohapsis.com/archives/aix/2002-q4/0002.html" }, { "reference_url": "http://archives.neohapsis.com/archives/hp/2002-q3/0077.html", "reference_id": "0077.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://archives.neohapsis.com/archives/hp/2002-q3/0077.html" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html", "reference_id": "0514.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616771", "reference_id": "1616771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616771" }, { "reference_url": "http://www.kb.cert.org/vuls/id/192995", "reference_id": "192995", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.kb.cert.org/vuls/id/192995" }, { "reference_url": "ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A", "reference_id": "20020801-01-A", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A" }, { "reference_url": "ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P", "reference_id": "20020801-01-P", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P" }, { "reference_url": "http://online.securityfocus.com/archive/1/285740", "reference_id": "285740", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://online.securityfocus.com/archive/1/285740" }, { "reference_url": "http://online.securityfocus.com/advisories/4402", "reference_id": "4402", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://online.securityfocus.com/advisories/4402" }, { "reference_url": "http://www.securityfocus.com/bid/5356", "reference_id": "5356", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.securityfocus.com/bid/5356" }, { "reference_url": "http://www.iss.net/security_center/static/9170.php", "reference_id": "9170.php", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.iss.net/security_center/static/9170.php" }, { "reference_url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:057", "reference_id": "advisories?name=MDKSA-2002:057", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:057" }, { "reference_url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823", "reference_id": "alertdetail.jsp?oid=20823", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823" }, { "reference_url": "http://www.cert.org/advisories/CA-2002-25.html", "reference_id": "CA-2002-25.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.cert.org/advisories/CA-2002-25.html" }, { "reference_url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt", "reference_id": "CSSA-2002-055.0.txt", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt" }, { "reference_url": "http://www.debian.org/security/2002/dsa-142", "reference_id": "dsa-142", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.debian.org/security/2002/dsa-142" }, { "reference_url": "http://www.debian.org/security/2002/dsa-143", "reference_id": "dsa-143", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.debian.org/security/2002/dsa-143" }, { "reference_url": "http://www.debian.org/security/2002/dsa-146", "reference_id": "dsa-146", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.debian.org/security/2002/dsa-146" }, { "reference_url": "http://www.debian.org/security/2002/dsa-149", "reference_id": "dsa-149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.debian.org/security/2002/dsa-149" }, { "reference_url": "http://www.debian.org/security/2003/dsa-333", "reference_id": "dsa-333", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.debian.org/security/2003/dsa-333" }, { "reference_url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515", "reference_id": "?id=a&anuncio=000515", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000515" }, { "reference_url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535", "reference_id": "?id=a&anuncio=000535", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535" }, { "reference_url": "http://marc.info/?l=bugtraq&m=102813809232532&w=2", "reference_id": "?l=bugtraq&m=102813809232532&w=2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=102813809232532&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=102821785316087&w=2", "reference_id": "?l=bugtraq&m=102821785316087&w=2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=102821785316087&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=102821928418261&w=2", "reference_id": "?l=bugtraq&m=102821928418261&w=2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=102821928418261&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=102831443208382&w=2", "reference_id": "?l=bugtraq&m=102831443208382&w=2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=102831443208382&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=103158632831416&w=2", "reference_id": "?l=bugtraq&m=103158632831416&w=2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://marc.info/?l=bugtraq&m=103158632831416&w=2" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057", "reference_id": "ms02-057", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-057" }, { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc", "reference_id": "NetBSD-SA2002-011.txt.asc", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc" }, { "reference_url": "http://www.linuxsecurity.com/advisories/other_advisory-2399.html", "reference_id": "other_advisory-2399.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2399.html" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A42", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A42", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A42" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4728", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A4728", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4728" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A9", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:166", "reference_id": "RHSA-2002:166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:166" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2002-166.html", "reference_id": "RHSA-2002-166.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2002-166.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:167", "reference_id": "RHSA-2002:167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:167" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2002-167.html", "reference_id": "RHSA-2002-167.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2002-167.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:172", "reference_id": "RHSA-2002:172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:172" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2002-172.html", "reference_id": "RHSA-2002-172.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2002-172.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:173", "reference_id": "RHSA-2002:173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:173" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2002-173.html", "reference_id": "RHSA-2002-173.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2002-173.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:168", "reference_id": "RHSA-2003:168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:168" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2003-168.html", "reference_id": "RHSA-2003-168.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2003-168.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:212", "reference_id": "RHSA-2003:212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:212" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2003-212.html", "reference_id": "RHSA-2003-212.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-08T19:26:07Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2003-212.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/219040?format=api", "purl": "pkg:deb/debian/openafs@1.3.81-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fpz-k79d-t3bs" }, { "vulnerability": "VCID-1xfw-vv5d-93b5" }, { "vulnerability": "VCID-1yg1-xvt5-yugp" }, { "vulnerability": "VCID-3jm4-2n5b-5ygs" }, { "vulnerability": "VCID-4nqz-pqv7-xkeu" }, { "vulnerability": "VCID-5ksv-vbwy-gygz" }, { "vulnerability": "VCID-7693-4ytg-h7c7" }, { "vulnerability": "VCID-78ha-yjbm-8bca" }, { "vulnerability": "VCID-79rk-s436-rbh1" }, { "vulnerability": "VCID-82ab-dv8d-9bfv" }, { "vulnerability": "VCID-9tr8-64hh-9kdp" }, { "vulnerability": "VCID-a4wg-mgba-f7ds" }, { "vulnerability": "VCID-anxg-fktu-pfcu" }, { "vulnerability": "VCID-b9m1-xt9p-myhn" }, { "vulnerability": "VCID-bu6u-mgss-jyhg" }, { "vulnerability": "VCID-cf6s-k59z-6ueb" }, { "vulnerability": "VCID-dtye-ub63-ekf4" }, { "vulnerability": "VCID-edpv-p5uh-77he" }, { "vulnerability": "VCID-effs-dv1k-rkaf" }, { "vulnerability": "VCID-fp5n-tqx6-b7g1" }, { "vulnerability": "VCID-h3xe-yaja-vbds" }, { "vulnerability": "VCID-j6z8-ka18-xucr" }, { "vulnerability": "VCID-m4ch-et4w-5bbq" }, { "vulnerability": "VCID-m6d1-s7w9-7qbv" }, { "vulnerability": "VCID-mhk5-kb1q-kqdk" }, { "vulnerability": "VCID-pr58-m7ms-2ffh" }, { "vulnerability": "VCID-rxzv-s7u5-wkbv" }, { "vulnerability": "VCID-tcts-2nv4-8ues" }, { "vulnerability": "VCID-uw32-c1ap-9yet" }, { "vulnerability": "VCID-wccv-q97z-fqc7" }, { "vulnerability": "VCID-wyc1-fb71-a3g2" }, { "vulnerability": "VCID-yyzd-zm5v-13hw" }, { "vulnerability": "VCID-z151-brjq-yuht" }, { "vulnerability": "VCID-zrrp-jug6-zbgu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.3.81-3sarge3" } ], "aliases": [ "CVE-2002-0391" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sk3n-sd56-pbhs" } ], "risk_score": "2.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.3.81-3sarge3" }