Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

Type deb

Namespace debian

Name inetutils

Version 2:2.6-3+deb13u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2:2.6-3+deb13u3

Latest_non_vulnerable_version 2:2.7-5

Affected_by_vulnerabilities

url VCID-hm61-cd18-hycu

vulnerability_id VCID-hm61-cd18-hycu

summary telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32746

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07617
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07541
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07559
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07636
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07609
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07623
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07582
published_at	2026-04-04T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08282
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08299
published_at	2026-04-16T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09457
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742
reference_id	1130742
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742

reference_url

https://www.openwall.com/lists/oss-security/2026/03/12/4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-21T04:01:00Z/

url

https://www.openwall.com/lists/oss-security/2026/03/12/4

reference_url

https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00031.html

reference_id

msg00031.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-21T04:01:00Z/

url

https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00031.html

fixed_packages

url	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-4%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-32746

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hm61-cd18-hycu

url VCID-wfv6-euzm-7bhc

vulnerability_id VCID-wfv6-euzm-7bhc

summary telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32772

reference_id

reference_type

scores

value	0.0003
scoring_system	epss
scoring_elements	0.08476
published_at	2026-04-02T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08546
published_at	2026-04-09T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08541
published_at	2026-04-11T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08521
published_at	2026-04-12T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08505
published_at	2026-04-13T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08532
published_at	2026-04-04T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08452
published_at	2026-04-07T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08525
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09275
published_at	2026-04-18T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14883
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32772

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32772
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32772

reference_url

https://www.openwall.com/lists/oss-security/2026/03/13/1

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T17:02:13Z/

url

https://www.openwall.com/lists/oss-security/2026/03/13/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741
reference_id	1130741
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741

fixed_packages

url	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-32772

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfv6-euzm-7bhc

Fixing_vulnerabilities

url VCID-6xfm-qpgd-ebaw

vulnerability_id VCID-6xfm-qpgd-ebaw

summary telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28372

reference_id

reference_type

scores

value	7e-05
scoring_system	epss
scoring_elements	0.00499
published_at	2026-04-04T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00505
published_at	2026-04-02T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00489
published_at	2026-04-16T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00491
published_at	2026-04-12T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00494
published_at	2026-04-18T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00493
published_at	2026-04-13T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00495
published_at	2026-04-08T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00497
published_at	2026-04-07T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00941
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28372

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28372
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28372

reference_url

https://www.openwall.com/lists/oss-security/2026/02/24/1

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-03T16:12:52Z/

url

https://www.openwall.com/lists/oss-security/2026/02/24/1

reference_url

https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=3953943d8296310485f98963883a798545ab9a6c

reference_id

?id=3953943d8296310485f98963883a798545ab9a6c

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-03T16:12:52Z/

url

https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=3953943d8296310485f98963883a798545ab9a6c

reference_url

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html

reference_id

msg00000.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-03T16:12:52Z/

url

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html

reference_url

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-03T16:12:52Z/

url

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00012.html

fixed_packages

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-28372

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xfm-qpgd-ebaw

url VCID-8491-mjp3-bqbv

vulnerability_id VCID-8491-mjp3-bqbv

summary krb5-appl: NULL pointer dereference

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39028

reference_id

reference_type

scores

value	0.00368
scoring_system	epss
scoring_elements	0.58734
published_at	2026-04-02T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58755
published_at	2026-04-04T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58723
published_at	2026-04-07T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58775
published_at	2026-04-08T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58782
published_at	2026-04-09T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58801
published_at	2026-04-11T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58783
published_at	2026-04-12T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58762
published_at	2026-04-13T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58795
published_at	2026-04-16T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.588
published_at	2026-04-18T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.58778
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39028

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39028
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39028

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2126045
reference_id	2126045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2126045

reference_url	https://usn.ubuntu.com/6304-1/
reference_id	USN-6304-1
reference_type
scores
url	https://usn.ubuntu.com/6304-1/

reference_url	https://usn.ubuntu.com/7781-1/
reference_id	USN-7781-1
reference_type
scores
url	https://usn.ubuntu.com/7781-1/

fixed_packages

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.3-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.3-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.3-5%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2022-39028

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8491-mjp3-bqbv

url VCID-8mwn-2k1d-rkfz

vulnerability_id VCID-8mwn-2k1d-rkfz

summary

Multiple vulnerabilities have been found in RSYSLOG, allowing
    attackers to cause Denial of Service.

references

reference_url	http://advisories.mageia.org/MGASA-2014-0411.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0411.html

reference_url	http://linux.oracle.com/errata/ELSA-2014-1654
reference_id
reference_type
scores
url	http://linux.oracle.com/errata/ELSA-2014-1654

reference_url	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00020.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00020.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00021.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1397.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1397.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1654.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1654.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1671.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1671.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3634

reference_id

reference_type

scores

value	0.29383
scoring_system	epss
scoring_elements	0.96615
published_at	2026-04-21T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96568
published_at	2026-04-01T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96578
published_at	2026-04-02T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96583
published_at	2026-04-04T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96586
published_at	2026-04-07T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96594
published_at	2026-04-08T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96596
published_at	2026-04-09T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96598
published_at	2026-04-12T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.966
published_at	2026-04-13T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96606
published_at	2026-04-16T12:55:00Z

value	0.29383
scoring_system	epss
scoring_elements	0.96611
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3634

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634

reference_url	http://secunia.com/advisories/61494
reference_id
reference_type
scores
url	http://secunia.com/advisories/61494

reference_url	http://secunia.com/advisories/61720
reference_id
reference_type
scores
url	http://secunia.com/advisories/61720

reference_url	http://secunia.com/advisories/61930
reference_id
reference_type
scores
url	http://secunia.com/advisories/61930

reference_url	http://www.debian.org/security/2014/dsa-3040
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3040

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:130
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:130

reference_url	http://www.openwall.com/lists/oss-security/2014/09/30/15
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/30/15

reference_url	http://www.openwall.com/lists/oss-security/2014/10/03/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/10/03/1

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

reference_url	http://www.rsyslog.com/remote-syslog-pri-vulnerability/
reference_id
reference_type
scores
url	http://www.rsyslog.com/remote-syslog-pri-vulnerability/

reference_url	http://www.ubuntu.com/usn/USN-2381-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2381-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1142373
reference_id	1142373
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1142373

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog::::::::
reference_id	cpe:2.3:a:rsyslog:rsyslog::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.0:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.1:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.2:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.3:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.4:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.5:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.6:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.1.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.0:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.1:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.2:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.3:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.0:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.1:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.2:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.3:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.4:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.5:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.4.0:::::::*
reference_id	cpe:2.3:a:rsyslog:rsyslog:8.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rsyslog:rsyslog:8.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd::::::::
reference_id	cpe:2.3:a:sysklogd_project:sysklogd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.1:::::::*
reference_id	cpe:2.3:a:sysklogd_project:sysklogd:1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.2:::::::*
reference_id	cpe:2.3:a:sysklogd_project:sysklogd:1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.3:::::::*
reference_id	cpe:2.3:a:sysklogd_project:sysklogd:1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.4:::::::*
reference_id	cpe:2.3:a:sysklogd_project:sysklogd:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.4.1:::::::*
reference_id	cpe:2.3:a:sysklogd_project:sysklogd:1.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sysklogd_project:sysklogd:1.4.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3634

reference_id

CVE-2014-3634

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3634

reference_url	https://security.gentoo.org/glsa/201412-35
reference_id	GLSA-201412-35
reference_type
scores
url	https://security.gentoo.org/glsa/201412-35

reference_url	https://access.redhat.com/errata/RHSA-2014:1397
reference_id	RHSA-2014:1397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1397

reference_url	https://access.redhat.com/errata/RHSA-2014:1654
reference_id	RHSA-2014:1654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1654

reference_url	https://access.redhat.com/errata/RHSA-2014:1671
reference_id	RHSA-2014:1671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1671

reference_url	https://usn.ubuntu.com/2381-1/
reference_id	USN-2381-1
reference_type
scores
url	https://usn.ubuntu.com/2381-1/

fixed_packages

url	pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1?distro=trixie
purl	pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2014-3634

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mwn-2k1d-rkfz

url VCID-bn6y-snuj-gbdy

vulnerability_id VCID-bn6y-snuj-gbdy

summary A vulnerability has been discovered in the telnetd module of inetutils, which allows remote code execution as root.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-24061

reference_id

reference_type

scores

value	0.87007
scoring_system	epss
scoring_elements	0.99431
published_at	2026-04-02T12:55:00Z

value	0.87007
scoring_system	epss
scoring_elements	0.99433
published_at	2026-04-07T12:55:00Z

value	0.87007
scoring_system	epss
scoring_elements	0.99435
published_at	2026-04-09T12:55:00Z

value	0.87007
scoring_system	epss
scoring_elements	0.9944
published_at	2026-04-21T12:55:00Z

value	0.88021
scoring_system	epss
scoring_elements	0.99486
published_at	2026-04-18T12:55:00Z

value	0.88021
scoring_system	epss
scoring_elements	0.99483
published_at	2026-04-13T12:55:00Z

value	0.88021
scoring_system	epss
scoring_elements	0.99485
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-24061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24061

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047
reference_id	1126047
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047

reference_url

https://www.openwall.com/lists/oss-security/2026/01/20/2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://www.openwall.com/lists/oss-security/2026/01/20/2

reference_url

https://www.openwall.com/lists/oss-security/2026/01/20/8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://www.openwall.com/lists/oss-security/2026/01/20/8

reference_url

https://codeberg.org/inetutils/inetutils/commit/ccba9f748aa8d50a38d7748e2e60362edd6a32cc

reference_id

ccba9f748aa8d50a38d7748e2e60362edd6a32cc

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://codeberg.org/inetutils/inetutils/commit/ccba9f748aa8d50a38d7748e2e60362edd6a32cc

reference_url

https://www.vicarius.io/vsociety/posts/cve-2026-24061-detection-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_id

cve-2026-24061-detection-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://www.vicarius.io/vsociety/posts/cve-2026-24061-detection-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_url

https://www.vicarius.io/vsociety/posts/cve-2026-24061-mitigation-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_id

cve-2026-24061-mitigation-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://www.vicarius.io/vsociety/posts/cve-2026-24061-mitigation-script-remote-authentication-bypass-in-gnu-inetutils-package

reference_url

https://codeberg.org/inetutils/inetutils/commit/fd702c02497b2f398e739e3119bed0b23dd7aa7b

reference_id

fd702c02497b2f398e739e3119bed0b23dd7aa7b

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://codeberg.org/inetutils/inetutils/commit/fd702c02497b2f398e739e3119bed0b23dd7aa7b

reference_url	https://security.gentoo.org/glsa/202601-01
reference_id	GLSA-202601-01
reference_type
scores
url	https://security.gentoo.org/glsa/202601-01

reference_url

https://www.gnu.org/software/inetutils/

reference_id

inetutils

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://www.gnu.org/software/inetutils/

reference_url

https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html

reference_id

msg00004.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2026-01-27T04:55:30Z/

url

https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html

reference_url	https://usn.ubuntu.com/7992-1/
reference_id	USN-7992-1
reference_type
scores
url	https://usn.ubuntu.com/7992-1/

reference_url	https://usn.ubuntu.com/7992-2/
reference_id	USN-7992-2
reference_type
scores
url	https://usn.ubuntu.com/7992-2/

fixed_packages

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-2?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-24061

risk_score 10.0

exploitability 2.0

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn6y-snuj-gbdy

url VCID-eq37-ztb2-nfb8

vulnerability_id VCID-eq37-ztb2-nfb8

summary The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-40491

reference_id

reference_type

scores

value	0.00339
scoring_system	epss
scoring_elements	0.56551
published_at	2026-04-01T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56647
published_at	2026-04-02T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56669
published_at	2026-04-04T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56648
published_at	2026-04-07T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56699
published_at	2026-04-08T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56704
published_at	2026-04-09T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56713
published_at	2026-04-11T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56688
published_at	2026-04-12T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56667
published_at	2026-04-13T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56698
published_at	2026-04-16T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56696
published_at	2026-04-18T12:55:00Z

value	0.00339
scoring_system	epss
scoring_elements	0.56668
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40491

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476
reference_id	993476
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476

reference_url	https://usn.ubuntu.com/USN-5177-1/
reference_id	USN-USN-5177-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5177-1/

fixed_packages

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.2-1?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.2-1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2021-40491

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eq37-ztb2-nfb8

url VCID-hm61-cd18-hycu

vulnerability_id VCID-hm61-cd18-hycu

summary telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32746

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07617
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07541
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07559
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07636
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07609
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07623
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07582
published_at	2026-04-04T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08282
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08299
published_at	2026-04-16T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09457
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742
reference_id	1130742
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742

reference_url

https://www.openwall.com/lists/oss-security/2026/03/12/4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-21T04:01:00Z/

url

https://www.openwall.com/lists/oss-security/2026/03/12/4

reference_url

https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00031.html

reference_id

msg00031.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-03-21T04:01:00Z/

url

https://lists.gnu.org/archive/html/bug-inetutils/2026-03/msg00031.html

fixed_packages

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-4%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-32746

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hm61-cd18-hycu

url VCID-jw1r-x7s2-tkdj

vulnerability_id VCID-jw1r-x7s2-tkdj

summary Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1485

reference_id

reference_type

scores

value	0.01636
scoring_system	epss
scoring_elements	0.81854
published_at	2026-04-01T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81865
published_at	2026-04-02T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81888
published_at	2026-04-04T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81884
published_at	2026-04-07T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.8191
published_at	2026-04-08T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81917
published_at	2026-04-09T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81937
published_at	2026-04-11T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81925
published_at	2026-04-12T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.8192
published_at	2026-04-13T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81956
published_at	2026-04-18T12:55:00Z

value	0.01636
scoring_system	epss
scoring_elements	0.81957
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1485

fixed_packages

url	pkg:deb/debian/inetutils@0?distro=trixie
purl	pkg:deb/debian/inetutils@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@0%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2004-1485

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jw1r-x7s2-tkdj

url VCID-m459-kwuf-2kd4

vulnerability_id VCID-m459-kwuf-2kd4

summary GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-40303

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16759
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16819
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16604
published_at	2026-04-21T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16689
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16743
published_at	2026-04-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16723
published_at	2026-04-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1668
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16622
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16558
published_at	2026-04-16T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16566
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-40303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40303

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365
reference_id	1049365
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365

reference_url	https://usn.ubuntu.com/6304-1/
reference_id	USN-6304-1
reference_type
scores
url	https://usn.ubuntu.com/6304-1/

reference_url	https://usn.ubuntu.com/7781-1/
reference_id	USN-7781-1
reference_type
scores
url	https://usn.ubuntu.com/7781-1/

fixed_packages

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.4-3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.4-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-3%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2023-40303

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m459-kwuf-2kd4

url VCID-nes3-sr2e-yueb

vulnerability_id VCID-nes3-sr2e-yueb

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2011. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2529

reference_id

reference_type

scores

value	0.00711
scoring_system	epss
scoring_elements	0.72211
published_at	2026-04-01T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72217
published_at	2026-04-02T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72237
published_at	2026-04-04T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72213
published_at	2026-04-07T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.7225
published_at	2026-04-08T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72262
published_at	2026-04-09T12:55:00Z

value	0.00711
scoring_system	epss
scoring_elements	0.72284
published_at	2026-04-11T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72402
published_at	2026-04-21T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72376
published_at	2026-04-12T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72364
published_at	2026-04-13T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72405
published_at	2026-04-16T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72414
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2529

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:138
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:138

reference_url	http://www.securityfocus.com/bid/41911
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/41911

reference_url	http://www.vupen.com/english/advisories/2010/1890
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/1890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=613819
reference_id	613819
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=613819

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20020927:::::::*
reference_id	cpe:2.3:a:skbuff:iputils:20020927:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20020927:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20070202:::::::*
reference_id	cpe:2.3:a:skbuff:iputils:20070202:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20070202:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20071127:::::::*
reference_id	cpe:2.3:a:skbuff:iputils:20071127:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20071127:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20100214:::::::*
reference_id	cpe:2.3:a:skbuff:iputils:20100214:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:skbuff:iputils:20100214:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandriva:linux::::::::
reference_id	cpe:2.3:o:mandriva:linux::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandriva:linux::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2529

reference_id

CVE-2010-2529

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2529

reference_url	https://security.gentoo.org/glsa/201412-08
reference_id	GLSA-201412-08
reference_type
scores
url	https://security.gentoo.org/glsa/201412-08

fixed_packages

url	pkg:deb/debian/inetutils@2:1.9-2?distro=trixie
purl	pkg:deb/debian/inetutils@2:1.9-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9-2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2010-2529

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nes3-sr2e-yueb

url VCID-qg9t-d2pk-yub6

vulnerability_id VCID-qg9t-d2pk-yub6

summary Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0053

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.3048
published_at	2026-04-21T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30507
published_at	2026-04-01T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30645
published_at	2026-04-02T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30691
published_at	2026-04-04T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30504
published_at	2026-04-07T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30563
published_at	2026-04-08T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30598
published_at	2026-04-09T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.306
published_at	2026-04-11T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30556
published_at	2026-04-12T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.3051
published_at	2026-04-13T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30536
published_at	2026-04-16T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30517
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861
reference_id	945861
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861

reference_url	https://security.archlinux.org/ASA-202106-20
reference_id	ASA-202106-20
reference_type
scores
url	https://security.archlinux.org/ASA-202106-20

reference_url

https://security.archlinux.org/AVG-1003

reference_id

AVG-1003

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1003

reference_url	https://usn.ubuntu.com/7781-1/
reference_id	USN-7781-1
reference_type
scores
url	https://usn.ubuntu.com/7781-1/

fixed_packages

url	pkg:deb/debian/inetutils@2:1.9.4-11?distro=trixie
purl	pkg:deb/debian/inetutils@2:1.9.4-11?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-11%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2019-0053

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qg9t-d2pk-yub6

url VCID-um87-6yps-cbfk

vulnerability_id VCID-um87-6yps-cbfk

summary telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10188

reference_id

reference_type

scores

value	0.08404
scoring_system	epss
scoring_elements	0.9229
published_at	2026-04-01T12:55:00Z

value	0.08404
scoring_system	epss
scoring_elements	0.92317
published_at	2026-04-08T12:55:00Z

value	0.08404
scoring_system	epss
scoring_elements	0.92297
published_at	2026-04-02T12:55:00Z

value	0.08404
scoring_system	epss
scoring_elements	0.92303
published_at	2026-04-04T12:55:00Z

value	0.08404
scoring_system	epss
scoring_elements	0.92306
published_at	2026-04-07T12:55:00Z

value	0.08404
scoring_system	epss
scoring_elements	0.92322
published_at	2026-04-09T12:55:00Z

value	0.09578
scoring_system	epss
scoring_elements	0.92878
published_at	2026-04-16T12:55:00Z

value	0.09578
scoring_system	epss
scoring_elements	0.92885
published_at	2026-04-21T12:55:00Z

value	0.09578
scoring_system	epss
scoring_elements	0.92869
published_at	2026-04-11T12:55:00Z

value	0.09578
scoring_system	epss
scoring_elements	0.9288
published_at	2026-04-18T12:55:00Z

value	0.09578
scoring_system	epss
scoring_elements	0.92868
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1811673
reference_id	1811673
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1811673

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477
reference_id	953477
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478
reference_id	953478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084
reference_id	956084
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084

reference_url	https://security.archlinux.org/ASA-202106-20
reference_id	ASA-202106-20
reference_type
scores
url	https://security.archlinux.org/ASA-202106-20

reference_url

https://security.archlinux.org/AVG-1003

reference_id

AVG-1003

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1003

reference_url	https://access.redhat.com/errata/RHSA-2020:1318
reference_id	RHSA-2020:1318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1318

reference_url	https://access.redhat.com/errata/RHSA-2020:1334
reference_id	RHSA-2020:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1334

reference_url	https://access.redhat.com/errata/RHSA-2020:1335
reference_id	RHSA-2020:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1335

reference_url	https://access.redhat.com/errata/RHSA-2020:1342
reference_id	RHSA-2020:1342
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1342

reference_url	https://access.redhat.com/errata/RHSA-2020:1349
reference_id	RHSA-2020:1349
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1349

reference_url	https://access.redhat.com/errata/RHSA-2022:0011
reference_id	RHSA-2022:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0011

reference_url	https://access.redhat.com/errata/RHSA-2022:0158
reference_id	RHSA-2022:0158
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0158

reference_url	https://usn.ubuntu.com/5048-1/
reference_id	USN-5048-1
reference_type
scores
url	https://usn.ubuntu.com/5048-1/

reference_url	https://usn.ubuntu.com/7781-1/
reference_id	USN-7781-1
reference_type
scores
url	https://usn.ubuntu.com/7781-1/

reference_url	https://usn.ubuntu.com/USN-5048-2/
reference_id	USN-USN-5048-2
reference_type
scores
url	https://usn.ubuntu.com/USN-5048-2/

fixed_packages

url	pkg:deb/debian/inetutils@2:1.9.4-12?distro=trixie
purl	pkg:deb/debian/inetutils@2:1.9.4-12?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-12%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2020-10188

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-um87-6yps-cbfk

url VCID-unvx-tsxw-abbw

vulnerability_id VCID-unvx-tsxw-abbw

summary

A boundary error in Heimdal could result in execution of arbitrary
    code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4862

reference_id

reference_type

scores

value	0.92585
scoring_system	epss
scoring_elements	0.9974
published_at	2026-04-04T12:55:00Z

value	0.92585
scoring_system	epss
scoring_elements	0.99742
published_at	2026-04-13T12:55:00Z

value	0.92585
scoring_system	epss
scoring_elements	0.99743
published_at	2026-04-16T12:55:00Z

value	0.92585
scoring_system	epss
scoring_elements	0.99744
published_at	2026-04-18T12:55:00Z

value	0.92585
scoring_system	epss
scoring_elements	0.99745
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=770325
reference_id	770325
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=770325

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb
reference_id	CVE-2011-4862;OSVDB-78020
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c
reference_id	CVE-2011-4862;OSVDB-78020
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb
reference_id	CVE-2011-4862;OSVDB-78020
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb

reference_url	https://security.gentoo.org/glsa/201201-14
reference_id	GLSA-201201-14
reference_type
scores
url	https://security.gentoo.org/glsa/201201-14

reference_url	https://security.gentoo.org/glsa/201202-05
reference_id	GLSA-201202-05
reference_type
scores
url	https://security.gentoo.org/glsa/201202-05

reference_url	https://access.redhat.com/errata/RHSA-2011:1851
reference_id	RHSA-2011:1851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1851

reference_url	https://access.redhat.com/errata/RHSA-2011:1852
reference_id	RHSA-2011:1852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1852

reference_url	https://access.redhat.com/errata/RHSA-2011:1853
reference_id	RHSA-2011:1853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1853

reference_url	https://access.redhat.com/errata/RHSA-2011:1854
reference_id	RHSA-2011:1854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1854

fixed_packages

url	pkg:deb/debian/inetutils@2:1.8-6?distro=trixie
purl	pkg:deb/debian/inetutils@2:1.8-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.8-6%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2011-4862

risk_score 1.6

exploitability 2.0

weighted_severity 0.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unvx-tsxw-abbw

url VCID-wfv6-euzm-7bhc

vulnerability_id VCID-wfv6-euzm-7bhc

summary telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-32772

reference_id

reference_type

scores

value	0.0003
scoring_system	epss
scoring_elements	0.08476
published_at	2026-04-02T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08546
published_at	2026-04-09T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08541
published_at	2026-04-11T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08521
published_at	2026-04-12T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08505
published_at	2026-04-13T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08532
published_at	2026-04-04T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08452
published_at	2026-04-07T12:55:00Z

value	0.0003
scoring_system	epss
scoring_elements	0.08525
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09275
published_at	2026-04-18T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14883
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-32772

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32772
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32772

reference_url

https://www.openwall.com/lists/oss-security/2026/03/13/1

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T17:02:13Z/

url

https://www.openwall.com/lists/oss-security/2026/03/13/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741
reference_id	1130741
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741

fixed_packages

url pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6xfm-qpgd-ebaw

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hm61-cd18-hycu

vulnerability	VCID-wfv6-euzm-7bhc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
purl	pkg:deb/debian/inetutils@2:2.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie

aliases CVE-2026-32772

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfv6-euzm-7bhc

Risk_score 4.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie

Package Instance