Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/gzip@1.3.2-3woody3
Type deb
Namespace debian
Name gzip
Version 1.3.2-3woody3
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.10-4+deb11u1
Latest_non_vulnerable_version 1.10-4+deb11u1
Affected_by_vulnerabilities
0
url VCID-22yj-um9m-8bfa
vulnerability_id VCID-22yj-um9m-8bfa
summary Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1228
reference_id
reference_type
scores
0
value 0.04585
scoring_system epss
scoring_elements 0.8941
published_at 2026-06-04T12:55:00Z
1
value 0.04585
scoring_system epss
scoring_elements 0.89429
published_at 2026-06-08T12:55:00Z
2
value 0.04585
scoring_system epss
scoring_elements 0.89428
published_at 2026-06-06T12:55:00Z
3
value 0.04585
scoring_system epss
scoring_elements 0.89427
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1228
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617616
reference_id 1617616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617616
4
reference_url https://access.redhat.com/errata/RHSA-2005:357
reference_id RHSA-2005:357
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:357
5
reference_url https://usn.ubuntu.com/116-1/
reference_id USN-116-1
reference_type
scores
url https://usn.ubuntu.com/116-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-2005-1228
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22yj-um9m-8bfa
1
url VCID-353d-d1cj-5ka9
vulnerability_id VCID-353d-d1cj-5ka9
summary The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0970
reference_id
reference_type
scores
0
value 0.00098
scoring_system epss
scoring_elements 0.26922
published_at 2026-06-04T12:55:00Z
1
value 0.00098
scoring_system epss
scoring_elements 0.27024
published_at 2026-06-05T12:55:00Z
2
value 0.00098
scoring_system epss
scoring_elements 0.27016
published_at 2026-06-06T12:55:00Z
3
value 0.00098
scoring_system epss
scoring_elements 0.26978
published_at 2026-06-07T12:55:00Z
4
value 0.00098
scoring_system epss
scoring_elements 0.26929
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0970
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0970
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259043
reference_id 259043
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259043
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-2004-0970
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-353d-d1cj-5ka9
2
url VCID-9ehy-my4r-qbbe
vulnerability_id VCID-9ehy-my4r-qbbe
summary unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4338.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4338.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4338
reference_id
reference_type
scores
0
value 0.04679
scoring_system epss
scoring_elements 0.89519
published_at 2026-06-04T12:55:00Z
1
value 0.04679
scoring_system epss
scoring_elements 0.89537
published_at 2026-06-08T12:55:00Z
2
value 0.04679
scoring_system epss
scoring_elements 0.89535
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4338
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618182
reference_id 1618182
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618182
4
reference_url https://security.gentoo.org/glsa/200609-13
reference_id GLSA-200609-13
reference_type
scores
url https://security.gentoo.org/glsa/200609-13
5
reference_url https://security.gentoo.org/glsa/200611-24
reference_id GLSA-200611-24
reference_type
scores
url https://security.gentoo.org/glsa/200611-24
6
reference_url https://access.redhat.com/errata/RHSA-2006:0667
reference_id RHSA-2006:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0667
7
reference_url https://usn.ubuntu.com/349-1/
reference_id USN-349-1
reference_type
scores
url https://usn.ubuntu.com/349-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u3sv-pcka-gfea
1
vulnerability VCID-vg3a-h2pv-xqab
2
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15
aliases CVE-2006-4338
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ehy-my4r-qbbe
3
url VCID-9jab-xz6n-g3h6
vulnerability_id VCID-9jab-xz6n-g3h6
summary Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4337.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4337.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4337
reference_id
reference_type
scores
0
value 0.10293
scoring_system epss
scoring_elements 0.93309
published_at 2026-06-04T12:55:00Z
1
value 0.10293
scoring_system epss
scoring_elements 0.9332
published_at 2026-06-05T12:55:00Z
2
value 0.10293
scoring_system epss
scoring_elements 0.93321
published_at 2026-06-06T12:55:00Z
3
value 0.10293
scoring_system epss
scoring_elements 0.93319
published_at 2026-06-07T12:55:00Z
4
value 0.10293
scoring_system epss
scoring_elements 0.93317
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4337
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=220595
reference_id 220595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=220595
4
reference_url https://security.gentoo.org/glsa/200609-13
reference_id GLSA-200609-13
reference_type
scores
url https://security.gentoo.org/glsa/200609-13
5
reference_url https://security.gentoo.org/glsa/200611-24
reference_id GLSA-200611-24
reference_type
scores
url https://security.gentoo.org/glsa/200611-24
6
reference_url https://access.redhat.com/errata/RHSA-2006:0667
reference_id RHSA-2006:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0667
7
reference_url https://usn.ubuntu.com/349-1/
reference_id USN-349-1
reference_type
scores
url https://usn.ubuntu.com/349-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u3sv-pcka-gfea
1
vulnerability VCID-vg3a-h2pv-xqab
2
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15
aliases CVE-2006-4337
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jab-xz6n-g3h6
4
url VCID-ahfm-5k5y-zqa6
vulnerability_id VCID-ahfm-5k5y-zqa6
summary gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-1999-1332
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.35891
published_at 2026-06-04T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.35986
published_at 2026-06-05T12:55:00Z
2
value 0.00155
scoring_system epss
scoring_elements 0.35996
published_at 2026-06-06T12:55:00Z
3
value 0.00155
scoring_system epss
scoring_elements 0.35956
published_at 2026-06-07T12:55:00Z
4
value 0.00155
scoring_system epss
scoring_elements 0.35914
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-1999-1332
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1332
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-1999-1332
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ahfm-5k5y-zqa6
5
url VCID-jq8f-p32j-pqbh
vulnerability_id VCID-jq8f-p32j-pqbh
summary zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0758.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0758.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0758
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40186
published_at 2026-06-04T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40268
published_at 2026-06-05T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.4027
published_at 2026-06-06T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40243
published_at 2026-06-07T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40213
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0758
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617573
reference_id 1617573
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617573
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321286
reference_id 321286
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321286
5
reference_url https://access.redhat.com/errata/RHSA-2005:357
reference_id RHSA-2005:357
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:357
6
reference_url https://access.redhat.com/errata/RHSA-2005:474
reference_id RHSA-2005:474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:474
7
reference_url https://usn.ubuntu.com/158-1/
reference_id USN-158-1
reference_type
scores
url https://usn.ubuntu.com/158-1/
8
reference_url https://usn.ubuntu.com/161-1/
reference_id USN-161-1
reference_type
scores
url https://usn.ubuntu.com/161-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-2005-0758
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq8f-p32j-pqbh
6
url VCID-nxe3-44cq-2ybe
vulnerability_id VCID-nxe3-44cq-2ybe
summary znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0367.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0367.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0367
reference_id
reference_type
scores
0
value 0.00141
scoring_system epss
scoring_elements 0.33853
published_at 2026-06-04T12:55:00Z
1
value 0.00141
scoring_system epss
scoring_elements 0.33957
published_at 2026-06-05T12:55:00Z
2
value 0.00141
scoring_system epss
scoring_elements 0.33972
published_at 2026-06-06T12:55:00Z
3
value 0.00141
scoring_system epss
scoring_elements 0.33939
published_at 2026-06-07T12:55:00Z
4
value 0.00141
scoring_system epss
scoring_elements 0.33905
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0367
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0367
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850889
reference_id 1850889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850889
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-2003-0367
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxe3-44cq-2ybe
7
url VCID-psqw-be2n-ufcn
vulnerability_id VCID-psqw-be2n-ufcn
summary Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4336.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4336.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4336
reference_id
reference_type
scores
0
value 0.13836
scoring_system epss
scoring_elements 0.94426
published_at 2026-06-04T12:55:00Z
1
value 0.13836
scoring_system epss
scoring_elements 0.94434
published_at 2026-06-05T12:55:00Z
2
value 0.13836
scoring_system epss
scoring_elements 0.94436
published_at 2026-06-06T12:55:00Z
3
value 0.13836
scoring_system epss
scoring_elements 0.94439
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4336
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=220595
reference_id 220595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=220595
4
reference_url https://security.gentoo.org/glsa/200609-13
reference_id GLSA-200609-13
reference_type
scores
url https://security.gentoo.org/glsa/200609-13
5
reference_url https://security.gentoo.org/glsa/200611-24
reference_id GLSA-200611-24
reference_type
scores
url https://security.gentoo.org/glsa/200611-24
6
reference_url https://access.redhat.com/errata/RHSA-2006:0667
reference_id RHSA-2006:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0667
7
reference_url https://usn.ubuntu.com/349-1/
reference_id USN-349-1
reference_type
scores
url https://usn.ubuntu.com/349-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u3sv-pcka-gfea
1
vulnerability VCID-vg3a-h2pv-xqab
2
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15
aliases CVE-2006-4336
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psqw-be2n-ufcn
8
url VCID-u3sv-pcka-gfea
vulnerability_id VCID-u3sv-pcka-gfea
summary Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0001
reference_id
reference_type
scores
0
value 0.22601
scoring_system epss
scoring_elements 0.95955
published_at 2026-06-04T12:55:00Z
1
value 0.22601
scoring_system epss
scoring_elements 0.9596
published_at 2026-06-05T12:55:00Z
2
value 0.22601
scoring_system epss
scoring_elements 0.95964
published_at 2026-06-07T12:55:00Z
3
value 0.22601
scoring_system epss
scoring_elements 0.95963
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=554418
reference_id 554418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=554418
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
reference_id 566002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
5
reference_url https://security.gentoo.org/glsa/201412-08
reference_id GLSA-201412-08
reference_type
scores
url https://security.gentoo.org/glsa/201412-08
6
reference_url https://access.redhat.com/errata/RHSA-2010:0061
reference_id RHSA-2010:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0061
7
reference_url https://usn.ubuntu.com/889-1/
reference_id USN-889-1
reference_type
scores
url https://usn.ubuntu.com/889-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.12-9%2Bsqueeze1
purl pkg:deb/debian/gzip@1.3.12-9%2Bsqueeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.12-9%252Bsqueeze1
aliases CVE-2010-0001
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3sv-pcka-gfea
9
url VCID-up3n-ccgt-c3e7
vulnerability_id VCID-up3n-ccgt-c3e7
summary Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4334.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4334.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4334
reference_id
reference_type
scores
0
value 0.09059
scoring_system epss
scoring_elements 0.92797
published_at 2026-06-04T12:55:00Z
1
value 0.09059
scoring_system epss
scoring_elements 0.92809
published_at 2026-06-05T12:55:00Z
2
value 0.09059
scoring_system epss
scoring_elements 0.92804
published_at 2026-06-06T12:55:00Z
3
value 0.09059
scoring_system epss
scoring_elements 0.928
published_at 2026-06-07T12:55:00Z
4
value 0.09059
scoring_system epss
scoring_elements 0.92798
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4334
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618181
reference_id 1618181
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618181
4
reference_url https://security.gentoo.org/glsa/200609-13
reference_id GLSA-200609-13
reference_type
scores
url https://security.gentoo.org/glsa/200609-13
5
reference_url https://access.redhat.com/errata/RHSA-2006:0667
reference_id RHSA-2006:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0667
6
reference_url https://usn.ubuntu.com/349-1/
reference_id USN-349-1
reference_type
scores
url https://usn.ubuntu.com/349-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u3sv-pcka-gfea
1
vulnerability VCID-vg3a-h2pv-xqab
2
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15
aliases CVE-2006-4334
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-up3n-ccgt-c3e7
10
url VCID-vb2n-e9k4-kfat
vulnerability_id VCID-vb2n-e9k4-kfat
summary Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0988.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0988
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.2975
published_at 2026-06-04T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.29818
published_at 2026-06-05T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.29781
published_at 2026-06-06T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.29748
published_at 2026-06-07T12:55:00Z
4
value 0.00115
scoring_system epss
scoring_elements 0.29715
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0988
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617595
reference_id 1617595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617595
4
reference_url https://access.redhat.com/errata/RHSA-2005:357
reference_id RHSA-2005:357
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:357
5
reference_url https://usn.ubuntu.com/116-1/
reference_id USN-116-1
reference_type
scores
url https://usn.ubuntu.com/116-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-10sarge2
purl pkg:deb/debian/gzip@1.3.5-10sarge2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9ehy-my4r-qbbe
1
vulnerability VCID-9jab-xz6n-g3h6
2
vulnerability VCID-psqw-be2n-ufcn
3
vulnerability VCID-u3sv-pcka-gfea
4
vulnerability VCID-up3n-ccgt-c3e7
5
vulnerability VCID-vg3a-h2pv-xqab
6
vulnerability VCID-wbym-cf79-rfd3
7
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2
aliases CVE-2005-0988
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vb2n-e9k4-kfat
11
url VCID-vg3a-h2pv-xqab
vulnerability_id VCID-vg3a-h2pv-xqab
summary The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a CVE-2006-4334 regression.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2624.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2624.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2624
reference_id
reference_type
scores
0
value 0.07318
scoring_system epss
scoring_elements 0.91824
published_at 2026-06-04T12:55:00Z
1
value 0.07318
scoring_system epss
scoring_elements 0.91837
published_at 2026-06-05T12:55:00Z
2
value 0.07318
scoring_system epss
scoring_elements 0.91838
published_at 2026-06-06T12:55:00Z
3
value 0.07318
scoring_system epss
scoring_elements 0.91835
published_at 2026-06-07T12:55:00Z
4
value 0.07318
scoring_system epss
scoring_elements 0.91834
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2624
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507263
reference_id 507263
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507263
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=514711
reference_id 514711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=514711
5
reference_url https://security.gentoo.org/glsa/201412-08
reference_id GLSA-201412-08
reference_type
scores
url https://security.gentoo.org/glsa/201412-08
6
reference_url https://usn.ubuntu.com/889-1/
reference_id USN-889-1
reference_type
scores
url https://usn.ubuntu.com/889-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.12-9%2Bsqueeze1
purl pkg:deb/debian/gzip@1.3.12-9%2Bsqueeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.12-9%252Bsqueeze1
aliases CVE-2009-2624
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vg3a-h2pv-xqab
12
url VCID-wbym-cf79-rfd3
vulnerability_id VCID-wbym-cf79-rfd3
summary Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4335.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4335.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4335
reference_id
reference_type
scores
0
value 0.03561
scoring_system epss
scoring_elements 0.87914
published_at 2026-06-04T12:55:00Z
1
value 0.03561
scoring_system epss
scoring_elements 0.87935
published_at 2026-06-05T12:55:00Z
2
value 0.03561
scoring_system epss
scoring_elements 0.87939
published_at 2026-06-06T12:55:00Z
3
value 0.03561
scoring_system epss
scoring_elements 0.87938
published_at 2026-06-07T12:55:00Z
4
value 0.03561
scoring_system epss
scoring_elements 0.8794
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4335
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=220595
reference_id 220595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=220595
4
reference_url https://security.gentoo.org/glsa/200609-13
reference_id GLSA-200609-13
reference_type
scores
url https://security.gentoo.org/glsa/200609-13
5
reference_url https://security.gentoo.org/glsa/200611-24
reference_id GLSA-200611-24
reference_type
scores
url https://security.gentoo.org/glsa/200611-24
6
reference_url https://access.redhat.com/errata/RHSA-2006:0667
reference_id RHSA-2006:0667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0667
7
reference_url https://usn.ubuntu.com/349-1/
reference_id USN-349-1
reference_type
scores
url https://usn.ubuntu.com/349-1/
fixed_packages
0
url pkg:deb/debian/gzip@1.3.5-15
purl pkg:deb/debian/gzip@1.3.5-15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-u3sv-pcka-gfea
1
vulnerability VCID-vg3a-h2pv-xqab
2
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15
aliases CVE-2006-4335
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbym-cf79-rfd3
13
url VCID-yep2-pmhw-bkgw
vulnerability_id VCID-yep2-pmhw-bkgw
summary arbitrary command execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1271.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1271.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1271
reference_id
reference_type
scores
0
value 0.00813
scoring_system epss
scoring_elements 0.74622
published_at 2026-06-08T12:55:00Z
1
value 0.00813
scoring_system epss
scoring_elements 0.74651
published_at 2026-06-06T12:55:00Z
2
value 0.00813
scoring_system epss
scoring_elements 0.74646
published_at 2026-06-05T12:55:00Z
3
value 0.00813
scoring_system epss
scoring_elements 0.74614
published_at 2026-06-04T12:55:00Z
4
value 0.00813
scoring_system epss
scoring_elements 0.74639
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1271
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009167
reference_id 1009167
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009167
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009168
reference_id 1009168
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009168
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073310
reference_id 2073310
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2073310
7
reference_url https://www.openwall.com/lists/oss-security/2022/04/07/8
reference_id 8
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://www.openwall.com/lists/oss-security/2022/04/07/8
8
reference_url https://security.archlinux.org/ASA-202204-7
reference_id ASA-202204-7
reference_type
scores
url https://security.archlinux.org/ASA-202204-7
9
reference_url https://security.archlinux.org/ASA-202204-8
reference_id ASA-202204-8
reference_type
scores
url https://security.archlinux.org/ASA-202204-8
10
reference_url https://security.archlinux.org/AVG-2665
reference_id AVG-2665
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2665
11
reference_url https://security.archlinux.org/AVG-2666
reference_id AVG-2666
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2666
12
reference_url https://access.redhat.com/security/cve/CVE-2022-1271
reference_id CVE-2022-1271
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://access.redhat.com/security/cve/CVE-2022-1271
13
reference_url https://security-tracker.debian.org/tracker/CVE-2022-1271
reference_id CVE-2022-1271
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://security-tracker.debian.org/tracker/CVE-2022-1271
14
reference_url https://security.gentoo.org/glsa/202209-01
reference_id GLSA-202209-01
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://security.gentoo.org/glsa/202209-01
15
reference_url https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
16
reference_url https://security.netapp.com/advisory/ntap-20220930-0006/
reference_id ntap-20220930-0006
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://security.netapp.com/advisory/ntap-20220930-0006/
17
reference_url https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
reference_id ?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
18
reference_url https://access.redhat.com/errata/RHSA-2022:1537
reference_id RHSA-2022:1537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1537
19
reference_url https://access.redhat.com/errata/RHSA-2022:1592
reference_id RHSA-2022:1592
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1592
20
reference_url https://access.redhat.com/errata/RHSA-2022:1665
reference_id RHSA-2022:1665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1665
21
reference_url https://access.redhat.com/errata/RHSA-2022:1676
reference_id RHSA-2022:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1676
22
reference_url https://access.redhat.com/errata/RHSA-2022:2191
reference_id RHSA-2022:2191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2191
23
reference_url https://access.redhat.com/errata/RHSA-2022:4582
reference_id RHSA-2022:4582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4582
24
reference_url https://access.redhat.com/errata/RHSA-2022:4896
reference_id RHSA-2022:4896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4896
25
reference_url https://access.redhat.com/errata/RHSA-2022:4940
reference_id RHSA-2022:4940
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4940
26
reference_url https://access.redhat.com/errata/RHSA-2022:4991
reference_id RHSA-2022:4991
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4991
27
reference_url https://access.redhat.com/errata/RHSA-2022:4992
reference_id RHSA-2022:4992
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4992
28
reference_url https://access.redhat.com/errata/RHSA-2022:4993
reference_id RHSA-2022:4993
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4993
29
reference_url https://access.redhat.com/errata/RHSA-2022:4994
reference_id RHSA-2022:4994
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4994
30
reference_url https://access.redhat.com/errata/RHSA-2022:5052
reference_id RHSA-2022:5052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5052
31
reference_url https://access.redhat.com/errata/RHSA-2022:5439
reference_id RHSA-2022:5439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5439
32
reference_url https://usn.ubuntu.com/5378-1/
reference_id USN-5378-1
reference_type
scores
url https://usn.ubuntu.com/5378-1/
33
reference_url https://usn.ubuntu.com/5378-2/
reference_id USN-5378-2
reference_type
scores
url https://usn.ubuntu.com/5378-2/
34
reference_url https://usn.ubuntu.com/5378-3/
reference_id USN-5378-3
reference_type
scores
url https://usn.ubuntu.com/5378-3/
35
reference_url https://usn.ubuntu.com/5378-4/
reference_id USN-5378-4
reference_type
scores
url https://usn.ubuntu.com/5378-4/
36
reference_url https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
reference_id xzgrep-ZDI-CAN-16587.patch
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T14:55:46Z/
url https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
fixed_packages
0
url pkg:deb/debian/gzip@1.9-3%2Bdeb10u1
purl pkg:deb/debian/gzip@1.9-3%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-yep2-pmhw-bkgw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.9-3%252Bdeb10u1
1
url pkg:deb/debian/gzip@1.10-4%2Bdeb11u1
purl pkg:deb/debian/gzip@1.10-4%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.10-4%252Bdeb11u1
aliases CVE-2022-1271
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yep2-pmhw-bkgw
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.2-3woody3