Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/583706?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "cacti", "version": "1.2.1+ds1-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.2.2+ds1-2", "latest_non_vulnerable_version": "1.2.30+ds1-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94856?format=api", "vulnerability_id": "VCID-1ff1-vhuj-hkdc", "summary": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via \"Copy\" method at user_group_admin.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49556", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49584", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49537", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49586", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49574", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49575", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.4962", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.4959", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3816" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3816" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ff1-vhuj-hkdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93696?format=api", "vulnerability_id": "VCID-29q9-twke-2bdx", "summary": "A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65848", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65861", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65729", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65856", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65813", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65846", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20725" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20725" }, { "reference_url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "reference_url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "reference_url": "https://github.com/Cacti/cacti/issues/2214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/issues/2214" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20725", "reference_id": "CVE-2018-20725", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20725" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20725" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29q9-twke-2bdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94668?format=api", "vulnerability_id": "VCID-86gq-jsgy-8uep", "summary": "Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the \"new_username\" field during creation of a new user via \"Copy\" method at user_admin.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.6539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65466", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.6543", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65495", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.655", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65472", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65509", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65521", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00488", "scoring_system": "epss", "scoring_elements": "0.65506", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23225" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-23225" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86gq-jsgy-8uep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93695?format=api", "vulnerability_id": "VCID-89pf-69jk-syfk", "summary": "A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68995", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68899", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68967", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68985", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68994", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.68964", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00583", "scoring_system": "epss", "scoring_elements": "0.69006", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20724" }, { "reference_url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "reference_url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53" }, { "reference_url": "https://github.com/Cacti/cacti/issues/2212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/issues/2212" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20724", "reference_id": "CVE-2018-20724", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20724" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20724" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-89pf-69jk-syfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87973?format=api", "vulnerability_id": "VCID-bj2d-v5dw-ykc7", "summary": "Cacti: Privilege escalation under certain conditions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.9205", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92056", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92064", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92068", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.9208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92084", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92088", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92093", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07985", "scoring_system": "epss", "scoring_elements": "0.92091", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=542985", "reference_id": "542985", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=542985" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339", "reference_id": "561339", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33377.txt", "reference_id": "CVE-2009-4112;OSVDB-60653", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33377.txt" }, { "reference_url": "https://www.securityfocus.com/bid/37145/info", "reference_id": "CVE-2009-4112;OSVDB-60653", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/37145/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4112" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bj2d-v5dw-ykc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93694?format=api", "vulnerability_id": "VCID-kkn3-ars7-gkbk", "summary": "A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65848", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65861", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65729", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65856", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65813", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65846", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20723" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20723" }, { "reference_url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "reference_url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "reference_url": "https://github.com/Cacti/cacti/issues/2215", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/issues/2215" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20723", "reference_id": "CVE-2018-20723", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20723" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20723" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkn3-ars7-gkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93697?format=api", "vulnerability_id": "VCID-nbfc-ex1y-37he", "summary": "A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66449", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66405", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66439", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66426", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0051", "scoring_system": "epss", "scoring_elements": "0.66432", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20726" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20726", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20726" }, { "reference_url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/blob/develop/CHANGELOG" }, { "reference_url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d" }, { "reference_url": "https://github.com/Cacti/cacti/issues/2213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Cacti/cacti/issues/2213" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20726", "reference_id": "CVE-2018-20726", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:P/A:N" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20726" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583706?format=api", "purl": "pkg:deb/debian/cacti@1.2.1%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582138?format=api", "purl": "pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-cqr3-wwhj-tyck" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" }, { "vulnerability": "VCID-zxu5-equ9-1kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582140?format=api", "purl": "pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4e5y-1s19-r7g7" }, { "vulnerability": "VCID-pxqa-nkv3-jqfs" }, { "vulnerability": "VCID-xkkm-ss3p-1udc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582142?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582143?format=api", "purl": "pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20726" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nbfc-ex1y-37he" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.1%252Bds1-1%3Fdistro=trixie" }