Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/38239?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "type": "deb", "namespace": "debian", "name": "dpkg", "version": "1.21.23", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.22.21", "latest_non_vulnerable_version": "1.23.7", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200124?format=api", "vulnerability_id": "VCID-1ntc-urq5-gqfw", "summary": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43032", "scoring_system": "epss", "scoring_elements": "0.97577", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.43032", "scoring_system": "epss", "scoring_elements": "0.97586", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133", "reference_id": "317133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523", "reference_id": "317523", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966", "reference_id": "317966", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967", "reference_id": "317967", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968", "reference_id": "317968", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014", "reference_id": "318014", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091", "reference_id": "318091", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099", "reference_id": "318099", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100", "reference_id": "318100", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246", "reference_id": "318246", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236", "reference_id": "332236", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=430650", "reference_id": "430650", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=430650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:569", "reference_id": "RHSA-2005:569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0264", "reference_id": "RHSA-2008:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0525", "reference_id": "RHSA-2008:0525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0629", "reference_id": "RHSA-2008:0629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0629" }, { "reference_url": "https://usn.ubuntu.com/148-1/", "reference_id": "USN-148-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/148-1/" }, { "reference_url": "https://usn.ubuntu.com/151-2/", "reference_id": "USN-151-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/151-2/" }, { "reference_url": "https://usn.ubuntu.com/151-3/", "reference_id": "USN-151-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/151-3/" }, { "reference_url": "https://usn.ubuntu.com/151-4/", "reference_id": "USN-151-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/151-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38246?format=api", "purl": "pkg:deb/debian/dpkg@1.13.11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.13.11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-2096" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntc-urq5-gqfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110482?format=api", "vulnerability_id": "VCID-1nye-sjkv-7yh3", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48067", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48206", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48222", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48207", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0471" }, { "reference_url": "https://usn.ubuntu.com/2183-1/", "reference_id": "USN-2183-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2183-1/" }, { "reference_url": "https://usn.ubuntu.com/2183-2/", "reference_id": "USN-2183-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2183-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38256?format=api", "purl": "pkg:deb/debian/dpkg@1.17.8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0471" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nye-sjkv-7yh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112173?format=api", "vulnerability_id": "VCID-2ztp-va25-bkaa", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0529", "scoring_system": "epss", "scoring_elements": "0.9023", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0529", "scoring_system": "epss", "scoring_elements": "0.9026", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0529", "scoring_system": "epss", "scoring_elements": "0.90268", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0529", "scoring_system": "epss", "scoring_elements": "0.90266", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749183", "reference_id": "749183", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749183" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39207.txt", "reference_id": "CVE-2014-3865;OSVDB-107568", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39207.txt" }, { "reference_url": "https://www.securityfocus.com/bid/67727/info", "reference_id": "CVE-2014-3865;OSVDB-107568", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/67727/info" }, { "reference_url": "https://usn.ubuntu.com/2242-1/", "reference_id": "USN-2242-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2242-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38264?format=api", "purl": "pkg:deb/debian/dpkg@1.17.10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3865" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ztp-va25-bkaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183398?format=api", "vulnerability_id": "VCID-3kp1-e76n-kfck", "summary": "A malicious tar archive could trigger a Buffer overflow in GNU tar,\n potentially resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0300.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0300.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18808", "scoring_system": "epss", "scoring_elements": "0.95446", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.18808", "scoring_system": "epss", "scoring_elements": "0.9546", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.18808", "scoring_system": "epss", "scoring_elements": "0.95464", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.18808", "scoring_system": "epss", "scoring_elements": "0.95466", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617881", "reference_id": "1617881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617881" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354091", "reference_id": "354091", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354091" }, { "reference_url": "https://security.gentoo.org/glsa/200603-06", "reference_id": "GLSA-200603-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0232", "reference_id": "RHSA-2006:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0232" }, { "reference_url": "https://usn.ubuntu.com/257-1/", "reference_id": "USN-257-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/257-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38247?format=api", "purl": "pkg:deb/debian/dpkg@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-0300" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kp1-e76n-kfck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351?format=api", "vulnerability_id": "VCID-51m7-h55d-x3ax", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.88199", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.88198", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04382", "scoring_system": "epss", "scoring_elements": "0.89222", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04382", "scoring_system": "epss", "scoring_elements": "0.8926", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201612-07", "reference_id": "GLSA-201612-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-07" }, { "reference_url": "https://usn.ubuntu.com/2820-1/", "reference_id": "USN-2820-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2820-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38276?format=api", "purl": "pkg:deb/debian/dpkg@1.18.4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.18.4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0860" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51m7-h55d-x3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201669?format=api", "vulnerability_id": "VCID-6cze-4zrp-4yfr", "summary": "Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0396.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60827", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60933", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60942", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.6094", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=572522", "reference_id": "572522", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=572522" }, { "reference_url": "https://usn.ubuntu.com/909-1/", "reference_id": "USN-909-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/909-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38250?format=api", "purl": "pkg:deb/debian/dpkg@1.15.6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.15.6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0396" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cze-4zrp-4yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114953?format=api", "vulnerability_id": "VCID-7k2y-78yf-z7gx", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73387", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73463", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73478", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73476", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840" }, { "reference_url": "https://usn.ubuntu.com/2566-1/", "reference_id": "USN-2566-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2566-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38273?format=api", "purl": "pkg:deb/debian/dpkg@1.17.25?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.25%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-0840" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7k2y-78yf-z7gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201896?format=api", "vulnerability_id": "VCID-btgp-dyxb-mued", "summary": "dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80093", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80155", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.8017", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.80162", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38252?format=api", "purl": "pkg:deb/debian/dpkg@1.15.8.8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.15.8.8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0402" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btgp-dyxb-mued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112172?format=api", "vulnerability_id": "VCID-bw2n-ubwc-jqa1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.70321", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.70411", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.70426", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.70424", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746498", "reference_id": "746498", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746498" }, { "reference_url": "https://usn.ubuntu.com/2242-1/", "reference_id": "USN-2242-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2242-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38264?format=api", "purl": "pkg:deb/debian/dpkg@1.17.10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3864" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bw2n-ubwc-jqa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11246?format=api", "vulnerability_id": "VCID-du4d-dg1m-eqda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73433", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73506", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73521", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73519", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1664" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202408-30", "reference_id": "GLSA-202408-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-30" }, { "reference_url": "https://usn.ubuntu.com/5446-1/", "reference_id": "USN-5446-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5446-1/" }, { "reference_url": "https://usn.ubuntu.com/5446-2/", "reference_id": "USN-5446-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5446-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38281?format=api", "purl": "pkg:deb/debian/dpkg@1.20.10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38280?format=api", "purl": "pkg:deb/debian/dpkg@1.21.8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-1664" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du4d-dg1m-eqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/111692?format=api", "vulnerability_id": "VCID-fz7g-epw9-w7bd", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60128", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60235", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60245", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60238", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3227" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3227", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38259?format=api", "purl": "pkg:deb/debian/dpkg@1.17.9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3227" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fz7g-epw9-w7bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25822?format=api", "vulnerability_id": "VCID-gt5d-1fnh-5bfz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50313", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50446", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50465", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50451", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6297" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "reference_id": "?id=ed6bbd445dd8800308c67236ba35d08004c98e82", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-01T17:30:21Z/" } ], "url": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82" }, { "reference_url": "https://usn.ubuntu.com/7768-1/", "reference_id": "USN-7768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38283?format=api", "purl": "pkg:deb/debian/dpkg@1.22.21?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.21%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-6297" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt5d-1fnh-5bfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26775?format=api", "vulnerability_id": "VCID-h9pp-9beb-xyds", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07503", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07521", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07529", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07536", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/1129722", "reference_id": "1129722", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:52:13Z/" } ], "url": "https://bugs.debian.org/1129722" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129722", "reference_id": "1129722", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129722" }, { "reference_url": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313", "reference_id": "?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:52:13Z/" } ], "url": "https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=6610297a62c0780dd0e80b0e302ef64fdcc9d313" }, { "reference_url": "https://usn.ubuntu.com/8249-1/", "reference_id": "USN-8249-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8249-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38247?format=api", "purl": "pkg:deb/debian/dpkg@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38285?format=api", "purl": "pkg:deb/debian/dpkg@1.23.6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-2219" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9pp-9beb-xyds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199924?format=api", "vulnerability_id": "VCID-rsun-gwng-8uhr", "summary": "dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-2768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1961", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19785", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19803", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1978", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-2768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2768" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=225692", "reference_id": "225692", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=225692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38240?format=api", "purl": "pkg:deb/debian/dpkg@1.10.19?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.10.19%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-2768" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsun-gwng-8uhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203618?format=api", "vulnerability_id": "VCID-rwn6-awv7-hubb", "summary": "Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85573", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85633", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85626", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8625" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768485", "reference_id": "768485", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768485" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38269?format=api", "purl": "pkg:deb/debian/dpkg@1.17.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8625" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rwn6-awv7-hubb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201736?format=api", "vulnerability_id": "VCID-xxem-cb1w-3uap", "summary": "Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00793", "scoring_system": "epss", "scoring_elements": "0.74374", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00793", "scoring_system": "epss", "scoring_elements": "0.74447", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00793", "scoring_system": "epss", "scoring_elements": "0.74461", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00793", "scoring_system": "epss", "scoring_elements": "0.74458", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679" }, { "reference_url": "https://usn.ubuntu.com/1038-1/", "reference_id": "USN-1038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38252?format=api", "purl": "pkg:deb/debian/dpkg@1.15.8.8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.15.8.8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-1679" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxem-cb1w-3uap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/111691?format=api", "vulnerability_id": "VCID-ybxa-yfpv-ukga", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.74134", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.74207", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.74221", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.74218", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3227", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38259?format=api", "purl": "pkg:deb/debian/dpkg@1.17.9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.17.9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3127" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybxa-yfpv-ukga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205396?format=api", "vulnerability_id": "VCID-z5zw-v8zf-ufbz", "summary": "dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78141", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78209", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78223", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0107", "scoring_system": "epss", "scoring_elements": "0.78218", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8283" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38279?format=api", "purl": "pkg:deb/debian/dpkg@1.18.24?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.18.24%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38241?format=api", "purl": "pkg:deb/debian/dpkg@1.20.13?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gt5d-1fnh-5bfz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.20.13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38239?format=api", "purl": "pkg:deb/debian/dpkg@1.21.23?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38244?format=api", "purl": "pkg:deb/debian/dpkg@1.22.22?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.22.22%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/38243?format=api", "purl": "pkg:deb/debian/dpkg@1.23.7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.23.7%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-8283" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5zw-v8zf-ufbz" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dpkg@1.21.23%3Fdistro=trixie" }