Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/36558?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "type": "deb", "namespace": "debian", "name": "cvs", "version": "2:1.12.13+real-28", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2:1.12.13+real-28+deb12u1", "latest_non_vulnerable_version": "2:1.12.13+real-31", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179692?format=api", "vulnerability_id": "VCID-4hak-5z95-juhf", "summary": "There are two vulnerabilities in CVS; one in the server and one in the\n client. These vulnerabilities allow the reading and writing of arbitrary\n files on both client and server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80893", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80952", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80962", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80954", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617194", "reference_id": "1617194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617194" }, { "reference_url": "https://security.gentoo.org/glsa/200404-13", "reference_id": "GLSA-200404-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200404-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:153", "reference_id": "RHSA-2004:153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:154", "reference_id": "RHSA-2004:154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:154" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36568?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0405" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hak-5z95-juhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199847?format=api", "vulnerability_id": "VCID-76pq-jctn-abc2", "summary": "CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71465", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71551", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71564", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00655", "scoring_system": "epss", "scoring_elements": "0.71562", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36581?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1343" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76pq-jctn-abc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199691?format=api", "vulnerability_id": "VCID-782a-mdwz-9yat", "summary": "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05252", "scoring_system": "epss", "scoring_elements": "0.90197", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05252", "scoring_system": "epss", "scoring_elements": "0.90228", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.05252", "scoring_system": "epss", "scoring_elements": "0.90236", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.05252", "scoring_system": "epss", "scoring_elements": "0.90234", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617197", "reference_id": "1617197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:233", "reference_id": "RHSA-2004:233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36575?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0414" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-782a-mdwz-9yat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199684?format=api", "vulnerability_id": "VCID-7zw8-dpbr-jffc", "summary": "Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86593", "scoring_system": "epss", "scoring_elements": "0.99439", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.86593", "scoring_system": "epss", "scoring_elements": "0.9944", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.86593", "scoring_system": "epss", "scoring_elements": "0.99441", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.86593", "scoring_system": "epss", "scoring_elements": "0.99442", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617191", "reference_id": "1617191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617191" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c", "reference_id": "OSVDB-6305;CVE-2004-0396", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c", "reference_id": "OSVDB-6305;CVE-2004-0396", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:190", "reference_id": "RHSA-2004:190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36571?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.5-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0396" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7zw8-dpbr-jffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199478?format=api", "vulnerability_id": "VCID-977s-a2ue-w7eu", "summary": "Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37007", "scoring_system": "epss", "scoring_elements": "0.9726", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.37007", "scoring_system": "epss", "scoring_elements": "0.97268", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.37007", "scoring_system": "epss", "scoring_elements": "0.97269", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.37007", "scoring_system": "epss", "scoring_elements": "0.9727", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616934", "reference_id": "1616934", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616934" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt", "reference_id": "CVE-2003-0015;OSVDB-3227", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt" }, { "reference_url": "https://www.securityfocus.com/bid/6650/info", "reference_id": "CVE-2003-0015;OSVDB-3227", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/6650/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:012", "reference_id": "RHSA-2003:012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:013", "reference_id": "RHSA-2003:013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:013" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36563?format=api", "purl": "pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0015" ], "risk_score": 0.6, "exploitability": "2.0", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-977s-a2ue-w7eu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199853?format=api", "vulnerability_id": "VCID-ajrj-x152-pfd4", "summary": "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05947", "scoring_system": "epss", "scoring_elements": "0.90851", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05947", "scoring_system": "epss", "scoring_elements": "0.90881", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.05947", "scoring_system": "epss", "scoring_elements": "0.90889", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c", "reference_id": "CVE-2004-1471;OSVDB-15727", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c" }, { "reference_url": "https://www.securityfocus.com/bid/10499/info", "reference_id": "CVE-2004-1471;OSVDB-15727", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/10499/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36580?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1471" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrj-x152-pfd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200178?format=api", "vulnerability_id": "VCID-bjjf-mz6r-qqg4", "summary": "cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22527", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22722", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22735", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22716", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617740", "reference_id": "1617740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617740" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106", "reference_id": "325106", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:756", "reference_id": "RHSA-2005:756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36587?format=api", "purl": "pkg:deb/debian/cvs@1:1.11.5-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.5-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-2693" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjjf-mz6r-qqg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199727?format=api", "vulnerability_id": "VCID-dgrx-z1xw-jyf6", "summary": "CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04063", "scoring_system": "epss", "scoring_elements": "0.88791", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04063", "scoring_system": "epss", "scoring_elements": "0.8883", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04063", "scoring_system": "epss", "scoring_elements": "0.88836", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.04063", "scoring_system": "epss", "scoring_elements": "0.88835", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617282", "reference_id": "1617282", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:233", "reference_id": "RHSA-2004:233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36580?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0778" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgrx-z1xw-jyf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199381?format=api", "vulnerability_id": "VCID-exgk-1th6-53bu", "summary": "Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21496", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21682", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21694", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21668", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616825", "reference_id": "1616825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:004", "reference_id": "RHSA-2004:004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:004" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36557?format=api", "purl": "pkg:deb/debian/cvs@1:1.11.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0844" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exgk-1th6-53bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200027?format=api", "vulnerability_id": "VCID-ge2e-bdx5-k3fg", "summary": "Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05354", "scoring_system": "epss", "scoring_elements": "0.90287", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05354", "scoring_system": "epss", "scoring_elements": "0.90317", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.05354", "scoring_system": "epss", "scoring_elements": "0.90325", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.05354", "scoring_system": "epss", "scoring_elements": "0.90323", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617569", "reference_id": "1617569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:387", "reference_id": "RHSA-2005:387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:387" }, { "reference_url": "https://usn.ubuntu.com/117-1/", "reference_id": "USN-117-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/117-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36584?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-13?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0753" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2e-bdx5-k3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199695?format=api", "vulnerability_id": "VCID-k37k-771k-6uby", "summary": "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0418", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14279", "scoring_system": "epss", "scoring_elements": "0.94557", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.14279", "scoring_system": "epss", "scoring_elements": "0.94575", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.14279", "scoring_system": "epss", "scoring_elements": "0.94581", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.14279", "scoring_system": "epss", "scoring_elements": "0.94582", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0418" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617202", "reference_id": "1617202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:233", "reference_id": "RHSA-2004:233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36575?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0418" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k37k-771k-6uby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177617?format=api", "vulnerability_id": "VCID-md15-esne-abbk", "summary": "A heap-based buffer overflow in CVS might allow remote attackers to\n execute\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02507", "scoring_system": "epss", "scoring_elements": "0.85675", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02507", "scoring_system": "epss", "scoring_elements": "0.85726", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02507", "scoring_system": "epss", "scoring_elements": "0.85736", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02507", "scoring_system": "epss", "scoring_elements": "0.85729", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=784141", "reference_id": "784141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=784141" }, { "reference_url": "https://security.gentoo.org/glsa/201701-44", "reference_id": "GLSA-201701-44", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0321", "reference_id": "RHSA-2012:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0321" }, { "reference_url": "https://usn.ubuntu.com/1371-1/", "reference_id": "USN-1371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1371-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36593?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-0804" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-md15-esne-abbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2662?format=api", "vulnerability_id": "VCID-ncr9-d9xr-m3dx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02504", "scoring_system": "epss", "scoring_elements": "0.85672", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02504", "scoring_system": "epss", "scoring_elements": "0.85723", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02504", "scoring_system": "epss", "scoring_elements": "0.85733", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02504", "scoring_system": "epss", "scoring_elements": "0.85725", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480800", "reference_id": "1480800", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480800" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810", "reference_id": "871810", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810" }, { "reference_url": "https://security.gentoo.org/glsa/201709-17", "reference_id": "GLSA-201709-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-17" }, { "reference_url": "https://usn.ubuntu.com/3399-1/", "reference_id": "USN-3399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36595?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-24?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-24%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-12836" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncr9-d9xr-m3dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199694?format=api", "vulnerability_id": "VCID-nqw3-r34n-zbe6", "summary": "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04491", "scoring_system": "epss", "scoring_elements": "0.89364", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04491", "scoring_system": "epss", "scoring_elements": "0.89401", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04491", "scoring_system": "epss", "scoring_elements": "0.89409", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.04491", "scoring_system": "epss", "scoring_elements": "0.89407", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617201", "reference_id": "1617201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:233", "reference_id": "RHSA-2004:233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36575?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0417" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqw3-r34n-zbe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179691?format=api", "vulnerability_id": "VCID-pd12-r3uh-huf4", "summary": "There are two vulnerabilities in CVS; one in the server and one in the\n client. These vulnerabilities allow the reading and writing of arbitrary\n files on both client and server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04165", "scoring_system": "epss", "scoring_elements": "0.88935", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04165", "scoring_system": "epss", "scoring_elements": "0.88972", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04165", "scoring_system": "epss", "scoring_elements": "0.88979", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.04165", "scoring_system": "epss", "scoring_elements": "0.88978", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617171", "reference_id": "1617171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617171" }, { "reference_url": "https://security.gentoo.org/glsa/200404-13", "reference_id": "GLSA-200404-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200404-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:153", "reference_id": "RHSA-2004:153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:154", "reference_id": "RHSA-2004:154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:154" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36568?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0180" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pd12-r3uh-huf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199846?format=api", "vulnerability_id": "VCID-pe4t-1ga5-nkhk", "summary": "CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56748", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56868", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56883", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00335", "scoring_system": "epss", "scoring_elements": "0.56873", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36581?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1342" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pe4t-1ga5-nkhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212468?format=api", "vulnerability_id": "VCID-v6xx-r6zg-2qgu", "summary": "Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32043", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32059", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32038", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3846" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=642146", "reference_id": "642146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=642146" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0918", "reference_id": "RHSA-2010:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0918" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36590?format=api", "purl": "pkg:deb/debian/cvs@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3846" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6xx-r6zg-2qgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199693?format=api", "vulnerability_id": "VCID-y4uw-uc9k-jfdu", "summary": "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.40607", "scoring_system": "epss", "scoring_elements": "0.97455", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.40607", "scoring_system": "epss", "scoring_elements": "0.97463", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.40607", "scoring_system": "epss", "scoring_elements": "0.97465", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.40607", "scoring_system": "epss", "scoring_elements": "0.97464", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617200", "reference_id": "1617200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617200" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c", "reference_id": "OSVDB-6831;CVE-2004-0416", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:233", "reference_id": "RHSA-2004:233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36575?format=api", "purl": "pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0416" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4uw-uc9k-jfdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199634?format=api", "vulnerability_id": "VCID-yyyb-3sfs-13af", "summary": "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01901", "scoring_system": "epss", "scoring_elements": "0.8364", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01901", "scoring_system": "epss", "scoring_elements": "0.83699", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01901", "scoring_system": "epss", "scoring_elements": "0.83709", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01901", "scoring_system": "epss", "scoring_elements": "0.83705", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617113", "reference_id": "1617113", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:003", "reference_id": "RHSA-2004:003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:004", "reference_id": "RHSA-2004:004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:004" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/36566?format=api", "purl": "pkg:deb/debian/cvs@1:1.11.10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36558?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36556?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36561?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/36560?format=api", "purl": "pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-0977" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyyb-3sfs-13af" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie" }