Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
Typedeb
Namespacedebian
Nameshadow
Version1:4.19.3-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:4.19.3-2
Latest_non_vulnerable_version1:4.19.3-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2b4p-nehx-eyae
vulnerability_id VCID-2b4p-nehx-eyae
summary coreutils: tty hijacking possible in "su" via TIOCSTI ioctl
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4890.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4890.json
1
reference_url https://access.redhat.com/security/cve/cve-2005-4890
reference_id
reference_type
scores
url https://access.redhat.com/security/cve/cve-2005-4890
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-4890
reference_id
reference_type
scores
0
value 0.00135
scoring_system epss
scoring_elements 0.33167
published_at 2026-04-21T12:55:00Z
1
value 0.00135
scoring_system epss
scoring_elements 0.33226
published_at 2026-04-16T12:55:00Z
2
value 0.00135
scoring_system epss
scoring_elements 0.33203
published_at 2026-04-18T12:55:00Z
3
value 0.00135
scoring_system epss
scoring_elements 0.33176
published_at 2026-04-01T12:55:00Z
4
value 0.00135
scoring_system epss
scoring_elements 0.33304
published_at 2026-04-02T12:55:00Z
5
value 0.00135
scoring_system epss
scoring_elements 0.33336
published_at 2026-04-04T12:55:00Z
6
value 0.00135
scoring_system epss
scoring_elements 0.33169
published_at 2026-04-07T12:55:00Z
7
value 0.00135
scoring_system epss
scoring_elements 0.33212
published_at 2026-04-08T12:55:00Z
8
value 0.00135
scoring_system epss
scoring_elements 0.33246
published_at 2026-04-09T12:55:00Z
9
value 0.00135
scoring_system epss
scoring_elements 0.33249
published_at 2026-04-11T12:55:00Z
10
value 0.00135
scoring_system epss
scoring_elements 0.33209
published_at 2026-04-12T12:55:00Z
11
value 0.00135
scoring_system epss
scoring_elements 0.33185
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-4890
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4890
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4890
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:N/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://security-tracker.debian.org/tracker/CVE-2005-4890
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2005-4890
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/06/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/11/06/8
8
reference_url http://www.openwall.com/lists/oss-security/2013/05/20/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/05/20/3
9
reference_url http://www.openwall.com/lists/oss-security/2013/11/28/10
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/11/28/10
10
reference_url http://www.openwall.com/lists/oss-security/2013/11/29/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/11/29/5
11
reference_url http://www.openwall.com/lists/oss-security/2014/10/20/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/10/20/9
12
reference_url http://www.openwall.com/lists/oss-security/2014/10/21/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/10/21/1
13
reference_url http://www.openwall.com/lists/oss-security/2014/12/15/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/12/15/5
14
reference_url http://www.openwall.com/lists/oss-security/2016/02/25/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/02/25/6
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628843
reference_id 628843
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628843
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657784
reference_id 657784
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657784
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=710208
reference_id 710208
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=710208
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-4890
reference_id CVE-2005-4890
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2005-4890
fixed_packages
0
url pkg:deb/debian/shadow@1:4.1.5-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.1.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.1.5-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2005-4890
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2b4p-nehx-eyae
1
url VCID-2bqp-dcbv-9yer
vulnerability_id VCID-2bqp-dcbv-9yer
summary passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3378.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3378.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3378
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17372
published_at 2026-04-16T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17539
published_at 2026-04-02T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17585
published_at 2026-04-04T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17366
published_at 2026-04-07T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17458
published_at 2026-04-08T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17518
published_at 2026-04-09T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17531
published_at 2026-04-11T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17482
published_at 2026-04-12T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17429
published_at 2026-04-13T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17381
published_at 2026-04-18T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17413
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3378
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3378
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=379174
reference_id 379174
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=379174
4
reference_url https://usn.ubuntu.com/308-1/
reference_id USN-308-1
reference_type
scores
url https://usn.ubuntu.com/308-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.0.14-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.0.14-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.0.14-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-3378
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bqp-dcbv-9yer
2
url VCID-2rhw-3aa1-k3fe
vulnerability_id VCID-2rhw-3aa1-k3fe
summary Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument.
references
0
reference_url http://marc.info/?l=vuln-dev&m=100999352406822&w=2
reference_id
reference_type
scores
url http://marc.info/?l=vuln-dev&m=100999352406822&w=2
1
reference_url http://marc.info/?l=vulnwatch&m=100998205010794&w=2
reference_id
reference_type
scores
url http://marc.info/?l=vulnwatch&m=100998205010794&w=2
2
reference_url http://publib.boulder.ibm.com/infocenter/pseries/topic/com.ibm.aix.doc/cmds/aixcmds2/grpck.htm
reference_id
reference_type
scores
url http://publib.boulder.ibm.com/infocenter/pseries/topic/com.ibm.aix.doc/cmds/aixcmds2/grpck.htm
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1594
reference_id
reference_type
scores
0
value 0.00174
scoring_system epss
scoring_elements 0.38704
published_at 2026-04-21T12:55:00Z
1
value 0.00174
scoring_system epss
scoring_elements 0.38674
published_at 2026-04-01T12:55:00Z
2
value 0.00174
scoring_system epss
scoring_elements 0.38802
published_at 2026-04-02T12:55:00Z
3
value 0.00174
scoring_system epss
scoring_elements 0.38822
published_at 2026-04-04T12:55:00Z
4
value 0.00174
scoring_system epss
scoring_elements 0.3875
published_at 2026-04-07T12:55:00Z
5
value 0.00174
scoring_system epss
scoring_elements 0.388
published_at 2026-04-08T12:55:00Z
6
value 0.00174
scoring_system epss
scoring_elements 0.38811
published_at 2026-04-09T12:55:00Z
7
value 0.00174
scoring_system epss
scoring_elements 0.38823
published_at 2026-04-11T12:55:00Z
8
value 0.00174
scoring_system epss
scoring_elements 0.38787
published_at 2026-04-12T12:55:00Z
9
value 0.00174
scoring_system epss
scoring_elements 0.38759
published_at 2026-04-13T12:55:00Z
10
value 0.00174
scoring_system epss
scoring_elements 0.38805
published_at 2026-04-16T12:55:00Z
11
value 0.00174
scoring_system epss
scoring_elements 0.38783
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1594
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/7857
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/7857
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/7859
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/7859
6
reference_url http://www.kb.cert.org/vuls/id/121891
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/121891
7
reference_url http://www.kb.cert.org/vuls/id/877811
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/877811
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:grpck:grpck:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:grpck:grpck:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:grpck:grpck:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pwck:pwck:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:pwck:pwck:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pwck:pwck:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2002-1594
reference_id CVE-2002-1594
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2002-1594
fixed_packages
0
url pkg:deb/debian/shadow@0?distro=trixie
purl pkg:deb/debian/shadow@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@0%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2002-1594
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2rhw-3aa1-k3fe
3
url VCID-3wz1-hz4q-rqh5
vulnerability_id VCID-3wz1-hz4q-rqh5
summary 
An insecure temporary file usage in Shadow may allow local users to gain
    root privileges.
references
0
reference_url http://bugs.debian.org/332198
reference_id
reference_type
scores
url http://bugs.debian.org/332198
1
reference_url http://bugs.debian.org/505071
reference_id
reference_type
scores
url http://bugs.debian.org/505071
2
reference_url http://bugs.debian.org/505271
reference_id
reference_type
scores
url http://bugs.debian.org/505271
3
reference_url http://osvdb.org/52200
reference_id
reference_type
scores
url http://osvdb.org/52200
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5394.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5394.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-5394
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24299
published_at 2026-04-21T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24346
published_at 2026-04-01T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24472
published_at 2026-04-02T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24506
published_at 2026-04-04T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24289
published_at 2026-04-07T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.24357
published_at 2026-04-08T12:55:00Z
6
value 0.00083
scoring_system epss
scoring_elements 0.24401
published_at 2026-04-09T12:55:00Z
7
value 0.00083
scoring_system epss
scoring_elements 0.24417
published_at 2026-04-11T12:55:00Z
8
value 0.00083
scoring_system epss
scoring_elements 0.24375
published_at 2026-04-12T12:55:00Z
9
value 0.00083
scoring_system epss
scoring_elements 0.24319
published_at 2026-04-13T12:55:00Z
10
value 0.00083
scoring_system epss
scoring_elements 0.24336
published_at 2026-04-16T12:55:00Z
11
value 0.00083
scoring_system epss
scoring_elements 0.24326
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-5394
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5394
7
reference_url http://security.gentoo.org/glsa/glsa-200903-24.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200903-24.xml
8
reference_url http://securityreason.com/securityalert/4695
reference_id
reference_type
scores
url http://securityreason.com/securityalert/4695
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/47037
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/47037
10
reference_url https://www.exploit-db.com/exploits/7313
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/7313
11
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:062
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:062
12
reference_url http://www.securityfocus.com/archive/1/498769/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/498769/100/0/threaded
13
reference_url http://www.securityfocus.com/bid/32552
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/32552
14
reference_url http://www.ubuntu.com/usn/usn-695-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/usn-695-1
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505271
reference_id 505271
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505271
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-5394
reference_id CVE-2008-5394
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2008-5394
18
reference_url https://security.gentoo.org/glsa/200903-24
reference_id GLSA-200903-24
reference_type
scores
url https://security.gentoo.org/glsa/200903-24
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/7313.sh
reference_id OSVDB-50651;CVE-2008-5394
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/7313.sh
20
reference_url https://usn.ubuntu.com/695-1/
reference_id USN-695-1
reference_type
scores
url https://usn.ubuntu.com/695-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.1.1-6?distro=trixie
purl pkg:deb/debian/shadow@1:4.1.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.1.1-6%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2008-5394
risk_score 10.0
exploitability 2.0
weighted_severity 6.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wz1-hz4q-rqh5
4
url VCID-74yx-3zfw-w7f2
vulnerability_id VCID-74yx-3zfw-w7f2
summary 
A vulnerability found in Shadow may allow local attackers to bypass
    security restrictions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7169.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-7169
reference_id
reference_type
scores
0
value 0.00214
scoring_system epss
scoring_elements 0.4389
published_at 2026-04-21T12:55:00Z
1
value 0.00214
scoring_system epss
scoring_elements 0.43935
published_at 2026-04-09T12:55:00Z
2
value 0.00214
scoring_system epss
scoring_elements 0.43952
published_at 2026-04-11T12:55:00Z
3
value 0.00214
scoring_system epss
scoring_elements 0.4392
published_at 2026-04-12T12:55:00Z
4
value 0.00214
scoring_system epss
scoring_elements 0.43905
published_at 2026-04-13T12:55:00Z
5
value 0.00214
scoring_system epss
scoring_elements 0.43966
published_at 2026-04-16T12:55:00Z
6
value 0.00214
scoring_system epss
scoring_elements 0.43958
published_at 2026-04-18T12:55:00Z
7
value 0.00239
scoring_system epss
scoring_elements 0.47007
published_at 2026-04-02T12:55:00Z
8
value 0.00239
scoring_system epss
scoring_elements 0.47025
published_at 2026-04-04T12:55:00Z
9
value 0.00239
scoring_system epss
scoring_elements 0.46973
published_at 2026-04-07T12:55:00Z
10
value 0.00239
scoring_system epss
scoring_elements 0.47028
published_at 2026-04-08T12:55:00Z
11
value 0.00239
scoring_system epss
scoring_elements 0.4697
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-7169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1546241
reference_id 1546241
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1546241
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890557
reference_id 890557
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890557
6
reference_url https://security.gentoo.org/glsa/201805-09
reference_id GLSA-201805-09
reference_type
scores
url https://security.gentoo.org/glsa/201805-09
7
reference_url https://usn.ubuntu.com/5254-1/
reference_id USN-5254-1
reference_type
scores
url https://usn.ubuntu.com/5254-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.7-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.7-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2018-7169
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74yx-3zfw-w7f2
5
url VCID-a5ny-vcsw-uqh1
vulnerability_id VCID-a5ny-vcsw-uqh1
summary 
Multiple vulnerabilities have been found in Shadow, the worst of
    which might allow privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2616
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19207
published_at 2026-04-21T12:55:00Z
1
value 0.00062
scoring_system epss
scoring_elements 0.19295
published_at 2026-04-01T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19429
published_at 2026-04-02T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.19477
published_at 2026-04-04T12:55:00Z
4
value 0.00062
scoring_system epss
scoring_elements 0.19195
published_at 2026-04-07T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19273
published_at 2026-04-08T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19325
published_at 2026-04-09T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.1933
published_at 2026-04-11T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.19282
published_at 2026-04-12T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19227
published_at 2026-04-13T12:55:00Z
10
value 0.00062
scoring_system epss
scoring_elements 0.19187
published_at 2026-04-16T12:55:00Z
11
value 0.00062
scoring_system epss
scoring_elements 0.19196
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2616
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
4
reference_url http://www.securitytracker.com/id/1038271
reference_id 1038271
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url http://www.securitytracker.com/id/1038271
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1418710
reference_id 1418710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1418710
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855943
reference_id 855943
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855943
7
reference_url http://www.securityfocus.com/bid/96404
reference_id 96404
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url http://www.securityfocus.com/bid/96404
8
reference_url https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
reference_id dffab154d29a288aa171ff50263ecc8f2e14a891
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
9
reference_url https://www.debian.org/security/2017/dsa-3793
reference_id dsa-3793
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url https://www.debian.org/security/2017/dsa-3793
10
reference_url https://security.gentoo.org/glsa/201706-02
reference_id GLSA-201706-02
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url https://security.gentoo.org/glsa/201706-02
11
reference_url https://access.redhat.com/errata/RHSA-2017:0654
reference_id RHSA-2017:0654
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0654
12
reference_url http://rhn.redhat.com/errata/RHSA-2017-0654.html
reference_id RHSA-2017-0654.html
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url http://rhn.redhat.com/errata/RHSA-2017-0654.html
13
reference_url https://access.redhat.com/errata/RHSA-2017:0907
reference_id RHSA-2017:0907
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url https://access.redhat.com/errata/RHSA-2017:0907
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
reference_id show_bug.cgi?id=CVE-2017-2616
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
15
reference_url https://usn.ubuntu.com/3276-1/
reference_id USN-3276-1
reference_type
scores
url https://usn.ubuntu.com/3276-1/
16
reference_url https://usn.ubuntu.com/3276-3/
reference_id USN-3276-3
reference_type
scores
url https://usn.ubuntu.com/3276-3/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.4-4?distro=trixie
purl pkg:deb/debian/shadow@1:4.4-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.4-4%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases (+, CVE-2017-2616, fix), regression
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ny-vcsw-uqh1
6
url VCID-bcx3-q456-w7ad
vulnerability_id VCID-bcx3-q456-w7ad
summary shadow-utils: possible password leak during passwd(1) change
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4641.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4641.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4641
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03295
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03339
published_at 2026-04-09T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03297
published_at 2026-04-11T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03269
published_at 2026-04-12T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03249
published_at 2026-04-13T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03225
published_at 2026-04-16T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03306
published_at 2026-04-04T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03314
published_at 2026-04-07T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03319
published_at 2026-04-08T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03425
published_at 2026-04-18T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.03545
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4641
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4641
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051062
reference_id 1051062
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051062
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2215945
reference_id 2215945
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2215945
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
16
reference_url https://access.redhat.com/security/cve/CVE-2023-4641
reference_id CVE-2023-4641
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://access.redhat.com/security/cve/CVE-2023-4641
17
reference_url https://access.redhat.com/errata/RHSA-2023:6632
reference_id RHSA-2023:6632
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://access.redhat.com/errata/RHSA-2023:6632
18
reference_url https://access.redhat.com/errata/RHSA-2023:7112
reference_id RHSA-2023:7112
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://access.redhat.com/errata/RHSA-2023:7112
19
reference_url https://access.redhat.com/errata/RHSA-2024:0417
reference_id RHSA-2024:0417
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://access.redhat.com/errata/RHSA-2024:0417
20
reference_url https://access.redhat.com/errata/RHSA-2024:2577
reference_id RHSA-2024:2577
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-02T18:19:24Z/
url https://access.redhat.com/errata/RHSA-2024:2577
21
reference_url https://usn.ubuntu.com/6640-1/
reference_id USN-6640-1
reference_type
scores
url https://usn.ubuntu.com/6640-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-2%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
6
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
7
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2023-4641
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcx3-q456-w7ad
7
url VCID-cabd-74q6-kug2
vulnerability_id VCID-cabd-74q6-kug2
summary The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-20002
reference_id
reference_type
scores
0
value 0.00052
scoring_system epss
scoring_elements 0.16147
published_at 2026-04-01T12:55:00Z
1
value 0.00052
scoring_system epss
scoring_elements 0.1633
published_at 2026-04-02T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16391
published_at 2026-04-04T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.1619
published_at 2026-04-07T12:55:00Z
4
value 0.00052
scoring_system epss
scoring_elements 0.16276
published_at 2026-04-08T12:55:00Z
5
value 0.00052
scoring_system epss
scoring_elements 0.1634
published_at 2026-04-09T12:55:00Z
6
value 0.00052
scoring_system epss
scoring_elements 0.16321
published_at 2026-04-11T12:55:00Z
7
value 0.00052
scoring_system epss
scoring_elements 0.16282
published_at 2026-04-12T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16214
published_at 2026-04-13T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16151
published_at 2026-04-16T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16168
published_at 2026-04-18T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16206
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-20002
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20002
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957
reference_id 914957
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957
fixed_packages
0
url pkg:deb/debian/shadow@1:4.5-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.5-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2017-20002
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cabd-74q6-kug2
8
url VCID-gzq6-6n1d-jyd7
vulnerability_id VCID-gzq6-6n1d-jyd7
summary The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1844
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21196
published_at 2026-04-01T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21347
published_at 2026-04-02T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21402
published_at 2026-04-04T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.21155
published_at 2026-04-07T12:55:00Z
4
value 0.00069
scoring_system epss
scoring_elements 0.21234
published_at 2026-04-08T12:55:00Z
5
value 0.00069
scoring_system epss
scoring_elements 0.21296
published_at 2026-04-09T12:55:00Z
6
value 0.00069
scoring_system epss
scoring_elements 0.21306
published_at 2026-04-11T12:55:00Z
7
value 0.00069
scoring_system epss
scoring_elements 0.21265
published_at 2026-04-12T12:55:00Z
8
value 0.00069
scoring_system epss
scoring_elements 0.21212
published_at 2026-04-13T12:55:00Z
9
value 0.00069
scoring_system epss
scoring_elements 0.21205
published_at 2026-04-16T12:55:00Z
10
value 0.00069
scoring_system epss
scoring_elements 0.21215
published_at 2026-04-18T12:55:00Z
11
value 0.00069
scoring_system epss
scoring_elements 0.21192
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1844
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1844
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939
reference_id 356939
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939
fixed_packages
0
url pkg:deb/debian/shadow@1:4.0.14-9?distro=trixie
purl pkg:deb/debian/shadow@1:4.0.14-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.0.14-9%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-1844
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzq6-6n1d-jyd7
9
url VCID-jbed-4gsv-xkhu
vulnerability_id VCID-jbed-4gsv-xkhu
summary 
A security issue in shadow allows a local user to perform certain actions
    with escalated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1174.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1174
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.2675
published_at 2026-04-01T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26795
published_at 2026-04-02T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26836
published_at 2026-04-04T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.2662
published_at 2026-04-07T12:55:00Z
4
value 0.00096
scoring_system epss
scoring_elements 0.26687
published_at 2026-04-08T12:55:00Z
5
value 0.00096
scoring_system epss
scoring_elements 0.26738
published_at 2026-04-09T12:55:00Z
6
value 0.00096
scoring_system epss
scoring_elements 0.26742
published_at 2026-04-11T12:55:00Z
7
value 0.00096
scoring_system epss
scoring_elements 0.26697
published_at 2026-04-12T12:55:00Z
8
value 0.00096
scoring_system epss
scoring_elements 0.2664
published_at 2026-04-13T12:55:00Z
9
value 0.00096
scoring_system epss
scoring_elements 0.26648
published_at 2026-04-16T12:55:00Z
10
value 0.00096
scoring_system epss
scoring_elements 0.26619
published_at 2026-04-18T12:55:00Z
11
value 0.00096
scoring_system epss
scoring_elements 0.26581
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1174
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618029
reference_id 1618029
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618029
4
reference_url https://security.gentoo.org/glsa/200606-02
reference_id GLSA-200606-02
reference_type
scores
url https://security.gentoo.org/glsa/200606-02
5
reference_url https://access.redhat.com/errata/RHSA-2007:0276
reference_id RHSA-2007:0276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0276
6
reference_url https://access.redhat.com/errata/RHSA-2007:0431
reference_id RHSA-2007:0431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0431
fixed_packages
0
url pkg:deb/debian/shadow@1:4.0.15-10?distro=trixie
purl pkg:deb/debian/shadow@1:4.0.15-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.0.15-10%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-1174
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbed-4gsv-xkhu
10
url VCID-m3za-mkkw-p7e2
vulnerability_id VCID-m3za-mkkw-p7e2
summary shadow: Improper input validation in shadow-utils package utility chfn
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29383.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29383.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29383
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06977
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07011
published_at 2026-04-07T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07031
published_at 2026-04-04T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07066
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.07096
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.07104
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.07092
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.07082
published_at 2026-04-13T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.07911
published_at 2026-04-16T12:55:00Z
9
value 0.00031
scoring_system epss
scoring_elements 0.08745
published_at 2026-04-21T12:55:00Z
10
value 0.00031
scoring_system epss
scoring_elements 0.08592
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29383
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034482
reference_id 1034482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034482
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2187184
reference_id 2187184
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2187184
6
reference_url https://github.com/shadow-maint/shadow/pull/687
reference_id 687
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:21:27Z/
url https://github.com/shadow-maint/shadow/pull/687
7
reference_url https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/
reference_id cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:21:27Z/
url https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/
8
reference_url https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
reference_id e5905c4b84d4fb90aefcd96ee618411ebfac663d
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:21:27Z/
url https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
9
reference_url https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
reference_id ?fid=31797
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:21:27Z/
url https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
fixed_packages
0
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-2%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
6
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
7
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2023-29383
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3za-mkkw-p7e2
11
url VCID-m4sf-znhe-gubc
vulnerability_id VCID-m4sf-znhe-gubc
summary 
A vulnerability found in Shadow may allow remote attackers to cause
    a Denial of Service condition or produce other unspecified behaviors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12424.json
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12424.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12424
reference_id
reference_type
scores
0
value 0.00583
scoring_system epss
scoring_elements 0.69008
published_at 2026-04-21T12:55:00Z
1
value 0.00583
scoring_system epss
scoring_elements 0.69007
published_at 2026-04-12T12:55:00Z
2
value 0.00583
scoring_system epss
scoring_elements 0.68978
published_at 2026-04-13T12:55:00Z
3
value 0.00583
scoring_system epss
scoring_elements 0.69019
published_at 2026-04-16T12:55:00Z
4
value 0.00583
scoring_system epss
scoring_elements 0.69028
published_at 2026-04-18T12:55:00Z
5
value 0.00633
scoring_system epss
scoring_elements 0.70323
published_at 2026-04-04T12:55:00Z
6
value 0.00633
scoring_system epss
scoring_elements 0.70345
published_at 2026-04-08T12:55:00Z
7
value 0.00633
scoring_system epss
scoring_elements 0.7036
published_at 2026-04-09T12:55:00Z
8
value 0.00633
scoring_system epss
scoring_elements 0.70384
published_at 2026-04-11T12:55:00Z
9
value 0.00633
scoring_system epss
scoring_elements 0.70293
published_at 2026-04-01T12:55:00Z
10
value 0.00633
scoring_system epss
scoring_elements 0.70306
published_at 2026-04-02T12:55:00Z
11
value 0.00633
scoring_system epss
scoring_elements 0.703
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12424
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12424
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12424
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:N/C:P/I:P/A:P
1
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1478359
reference_id 1478359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1478359
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756630
reference_id 756630
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756630
6
reference_url https://security.gentoo.org/glsa/201710-16
reference_id GLSA-201710-16
reference_type
scores
url https://security.gentoo.org/glsa/201710-16
7
reference_url https://usn.ubuntu.com/5254-1/
reference_id USN-5254-1
reference_type
scores
url https://usn.ubuntu.com/5254-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.5-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.5-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2017-12424
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4sf-znhe-gubc
12
url VCID-m7wk-m2nu-abgf
vulnerability_id VCID-m7wk-m2nu-abgf
summary The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1376
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14684
published_at 2026-04-12T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14734
published_at 2026-04-02T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.14809
published_at 2026-04-04T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14613
published_at 2026-04-07T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14702
published_at 2026-04-08T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14762
published_at 2026-04-09T12:55:00Z
6
value 0.00047
scoring_system epss
scoring_elements 0.14722
published_at 2026-04-11T12:55:00Z
7
value 0.00047
scoring_system epss
scoring_elements 0.1463
published_at 2026-04-13T12:55:00Z
8
value 0.00047
scoring_system epss
scoring_elements 0.14521
published_at 2026-04-16T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14527
published_at 2026-04-18T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14592
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1376
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1376
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939
reference_id 356939
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939
fixed_packages
0
url pkg:deb/debian/shadow@1:4.0.14-9?distro=trixie
purl pkg:deb/debian/shadow@1:4.0.14-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.0.14-9%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-1376
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7wk-m2nu-abgf
13
url VCID-nx6h-9y1e-2ybh
vulnerability_id VCID-nx6h-9y1e-2ybh
summary The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-1183
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.26887
published_at 2026-04-01T12:55:00Z
1
value 0.00097
scoring_system epss
scoring_elements 0.26927
published_at 2026-04-02T12:55:00Z
2
value 0.00097
scoring_system epss
scoring_elements 0.26963
published_at 2026-04-04T12:55:00Z
3
value 0.00097
scoring_system epss
scoring_elements 0.26754
published_at 2026-04-07T12:55:00Z
4
value 0.00097
scoring_system epss
scoring_elements 0.26822
published_at 2026-04-08T12:55:00Z
5
value 0.00097
scoring_system epss
scoring_elements 0.26869
published_at 2026-04-09T12:55:00Z
6
value 0.00097
scoring_system epss
scoring_elements 0.26872
published_at 2026-04-11T12:55:00Z
7
value 0.00097
scoring_system epss
scoring_elements 0.26828
published_at 2026-04-12T12:55:00Z
8
value 0.00097
scoring_system epss
scoring_elements 0.26771
published_at 2026-04-13T12:55:00Z
9
value 0.00097
scoring_system epss
scoring_elements 0.26778
published_at 2026-04-16T12:55:00Z
10
value 0.00097
scoring_system epss
scoring_elements 0.2675
published_at 2026-04-18T12:55:00Z
11
value 0.00097
scoring_system epss
scoring_elements 0.26712
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-1183
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1579.pl
reference_id OSVDB-23868;CVE-2006-1183
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1579.pl
fixed_packages
0
url pkg:deb/debian/shadow@0?distro=trixie
purl pkg:deb/debian/shadow@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@0%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-1183
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nx6h-9y1e-2ybh
14
url VCID-r9a4-2dw5-4bgq
vulnerability_id VCID-r9a4-2dw5-4bgq
summary 
Multiple Shadow utilities were installed with setuid permissions,
    allowing possible root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19882.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19882.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19882
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26202
published_at 2026-04-01T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26282
published_at 2026-04-02T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26324
published_at 2026-04-04T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26096
published_at 2026-04-07T12:55:00Z
4
value 0.00094
scoring_system epss
scoring_elements 0.26163
published_at 2026-04-08T12:55:00Z
5
value 0.00094
scoring_system epss
scoring_elements 0.26211
published_at 2026-04-09T12:55:00Z
6
value 0.00094
scoring_system epss
scoring_elements 0.2622
published_at 2026-04-11T12:55:00Z
7
value 0.00094
scoring_system epss
scoring_elements 0.26174
published_at 2026-04-12T12:55:00Z
8
value 0.00094
scoring_system epss
scoring_elements 0.26115
published_at 2026-04-13T12:55:00Z
9
value 0.00094
scoring_system epss
scoring_elements 0.26119
published_at 2026-04-16T12:55:00Z
10
value 0.00094
scoring_system epss
scoring_elements 0.26097
published_at 2026-04-18T12:55:00Z
11
value 0.00094
scoring_system epss
scoring_elements 0.2606
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19882
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19882
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19882
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788452
reference_id 1788452
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788452
4
reference_url https://security.archlinux.org/ASA-201912-4
reference_id ASA-201912-4
reference_type
scores
url https://security.archlinux.org/ASA-201912-4
5
reference_url https://security.archlinux.org/AVG-1079
reference_id AVG-1079
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1079
6
reference_url https://security.gentoo.org/glsa/202008-09
reference_id GLSA-202008-09
reference_type
scores
url https://security.gentoo.org/glsa/202008-09
fixed_packages
0
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2019-19882
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9a4-2dw5-4bgq
15
url VCID-shuq-ufcc-ruf5
vulnerability_id VCID-shuq-ufcc-ruf5
summary A TOCTOU race has been discovered in Shadow, which could result in the unauthorized modification of files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4235.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4235
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18107
published_at 2026-04-01T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18264
published_at 2026-04-02T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18317
published_at 2026-04-04T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18019
published_at 2026-04-07T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18102
published_at 2026-04-08T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.18163
published_at 2026-04-09T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18427
published_at 2026-04-13T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18526
published_at 2026-04-11T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18478
published_at 2026-04-12T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18371
published_at 2026-04-16T12:55:00Z
10
value 0.0006
scoring_system epss
scoring_elements 0.18876
published_at 2026-04-21T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18864
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4235
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950
reference_id 778950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=884658
reference_id 884658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=884658
6
reference_url https://security.gentoo.org/glsa/202210-26
reference_id GLSA-202210-26
reference_type
scores
url https://security.gentoo.org/glsa/202210-26
7
reference_url https://usn.ubuntu.com/5745-1/
reference_id USN-5745-1
reference_type
scores
url https://usn.ubuntu.com/5745-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.12.3%2Bdfsg1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.12.3%2Bdfsg1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.12.3%252Bdfsg1-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2013-4235
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shuq-ufcc-ruf5
16
url VCID-ueu4-n6bt-xfat
vulnerability_id VCID-ueu4-n6bt-xfat
summary 
Multiple vulnerabilities have been found in Shadow, the worst of
    which might allow privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6252.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6252
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.28229
published_at 2026-04-01T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.28099
published_at 2026-04-21T12:55:00Z
2
value 0.00103
scoring_system epss
scoring_elements 0.28161
published_at 2026-04-16T12:55:00Z
3
value 0.00103
scoring_system epss
scoring_elements 0.28142
published_at 2026-04-18T12:55:00Z
4
value 0.00103
scoring_system epss
scoring_elements 0.28299
published_at 2026-04-02T12:55:00Z
5
value 0.00103
scoring_system epss
scoring_elements 0.28343
published_at 2026-04-04T12:55:00Z
6
value 0.00103
scoring_system epss
scoring_elements 0.28134
published_at 2026-04-07T12:55:00Z
7
value 0.00103
scoring_system epss
scoring_elements 0.282
published_at 2026-04-08T12:55:00Z
8
value 0.00103
scoring_system epss
scoring_elements 0.28243
published_at 2026-04-09T12:55:00Z
9
value 0.00103
scoring_system epss
scoring_elements 0.28249
published_at 2026-04-11T12:55:00Z
10
value 0.00103
scoring_system epss
scoring_elements 0.28206
published_at 2026-04-12T12:55:00Z
11
value 0.00103
scoring_system epss
scoring_elements 0.28148
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6252
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1358625
reference_id 1358625
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1358625
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832170
reference_id 832170
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832170
7
reference_url https://security.gentoo.org/glsa/201706-02
reference_id GLSA-201706-02
reference_type
scores
url https://security.gentoo.org/glsa/201706-02
8
reference_url https://usn.ubuntu.com/3276-1/
reference_id USN-3276-1
reference_type
scores
url https://usn.ubuntu.com/3276-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.4-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.4-1%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2016-6252
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueu4-n6bt-xfat
17
url VCID-w9fj-dfb7-z3gd
vulnerability_id VCID-w9fj-dfb7-z3gd
summary shadow-utils: useradd-mkdirs.patch creates intermediate directories with 0777
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16588.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16588.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16588
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13543
published_at 2026-04-01T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13643
published_at 2026-04-02T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13704
published_at 2026-04-04T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13507
published_at 2026-04-21T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13588
published_at 2026-04-08T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13638
published_at 2026-04-09T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13609
published_at 2026-04-11T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13573
published_at 2026-04-12T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13525
published_at 2026-04-13T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13438
published_at 2026-04-16T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.13433
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16588
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1626123
reference_id 1626123
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1626123
fixed_packages
0
url pkg:deb/debian/shadow@0?distro=trixie
purl pkg:deb/debian/shadow@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@0%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2018-16588
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9fj-dfb7-z3gd
18
url VCID-y9eh-xkcp-wqcs
vulnerability_id VCID-y9eh-xkcp-wqcs
summary passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3597
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17567
published_at 2026-04-01T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.1773
published_at 2026-04-02T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17777
published_at 2026-04-04T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17505
published_at 2026-04-07T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17594
published_at 2026-04-08T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17655
published_at 2026-04-09T12:55:00Z
6
value 0.00056
scoring_system epss
scoring_elements 0.17673
published_at 2026-04-11T12:55:00Z
7
value 0.00056
scoring_system epss
scoring_elements 0.17626
published_at 2026-04-12T12:55:00Z
8
value 0.00056
scoring_system epss
scoring_elements 0.17574
published_at 2026-04-13T12:55:00Z
9
value 0.00056
scoring_system epss
scoring_elements 0.17519
published_at 2026-04-16T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17528
published_at 2026-04-18T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17562
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3597
fixed_packages
0
url pkg:deb/debian/shadow@0?distro=trixie
purl pkg:deb/debian/shadow@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@0%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2006-3597
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9eh-xkcp-wqcs
19
url VCID-z4em-vwpw-efd7
vulnerability_id VCID-z4em-vwpw-efd7
summary Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
references
0
reference_url http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000894
reference_id
reference_type
scores
url http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000894
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1001
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23881
published_at 2026-04-21T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23923
published_at 2026-04-01T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.24048
published_at 2026-04-02T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.24087
published_at 2026-04-04T12:55:00Z
4
value 0.00081
scoring_system epss
scoring_elements 0.23869
published_at 2026-04-07T12:55:00Z
5
value 0.00081
scoring_system epss
scoring_elements 0.23936
published_at 2026-04-08T12:55:00Z
6
value 0.00081
scoring_system epss
scoring_elements 0.23983
published_at 2026-04-09T12:55:00Z
7
value 0.00081
scoring_system epss
scoring_elements 0.23999
published_at 2026-04-11T12:55:00Z
8
value 0.00081
scoring_system epss
scoring_elements 0.23956
published_at 2026-04-12T12:55:00Z
9
value 0.00081
scoring_system epss
scoring_elements 0.23899
published_at 2026-04-18T12:55:00Z
10
value 0.00081
scoring_system epss
scoring_elements 0.23909
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1001
3
reference_url http://secunia.com/advisories/13028
reference_id
reference_type
scores
url http://secunia.com/advisories/13028
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/17902
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/17902
5
reference_url http://www.debian.org/security/2004/dsa-585
reference_id
reference_type
scores
url http://www.debian.org/security/2004/dsa-585
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309587
reference_id 309587
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309587
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2004-1001
reference_id CVE-2004-1001
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2004-1001
9
reference_url https://usn.ubuntu.com/17-1/
reference_id USN-17-1
reference_type
scores
url https://usn.ubuntu.com/17-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.0.3-35?distro=trixie
purl pkg:deb/debian/shadow@1:4.0.3-35?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.0.3-35%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2004-1001
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4em-vwpw-efd7
20
url VCID-zbq9-jt94-ckhd
vulnerability_id VCID-zbq9-jt94-ckhd
summary 
This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2012. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.
references
0
reference_url http://osvdb.org/70895
reference_id
reference_type
scores
url http://osvdb.org/70895
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0721.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0721.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0721
reference_id
reference_type
scores
0
value 0.0142
scoring_system epss
scoring_elements 0.80623
published_at 2026-04-21T12:55:00Z
1
value 0.0142
scoring_system epss
scoring_elements 0.80532
published_at 2026-04-01T12:55:00Z
2
value 0.0142
scoring_system epss
scoring_elements 0.80539
published_at 2026-04-02T12:55:00Z
3
value 0.0142
scoring_system epss
scoring_elements 0.80561
published_at 2026-04-04T12:55:00Z
4
value 0.0142
scoring_system epss
scoring_elements 0.80553
published_at 2026-04-07T12:55:00Z
5
value 0.0142
scoring_system epss
scoring_elements 0.80582
published_at 2026-04-08T12:55:00Z
6
value 0.0142
scoring_system epss
scoring_elements 0.80592
published_at 2026-04-09T12:55:00Z
7
value 0.0142
scoring_system epss
scoring_elements 0.80609
published_at 2026-04-11T12:55:00Z
8
value 0.0142
scoring_system epss
scoring_elements 0.80596
published_at 2026-04-12T12:55:00Z
9
value 0.0142
scoring_system epss
scoring_elements 0.80588
published_at 2026-04-13T12:55:00Z
10
value 0.0142
scoring_system epss
scoring_elements 0.80617
published_at 2026-04-16T12:55:00Z
11
value 0.0142
scoring_system epss
scoring_elements 0.80619
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0721
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0721
4
reference_url http://secunia.com/advisories/42505
reference_id
reference_type
scores
url http://secunia.com/advisories/42505
5
reference_url http://secunia.com/advisories/43345
reference_id
reference_type
scores
url http://secunia.com/advisories/43345
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/65564
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/65564
7
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.380014
reference_id
reference_type
scores
url http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.380014
8
reference_url http://www.debian.org/security/2011/dsa-2164
reference_id
reference_type
scores
url http://www.debian.org/security/2011/dsa-2164
9
reference_url http://www.securityfocus.com/bid/46426
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/46426
10
reference_url http://www.ubuntu.com/usn/USN-1065-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1065-1
11
reference_url http://www.vupen.com/english/advisories/2011/0396
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0396
12
reference_url http://www.vupen.com/english/advisories/2011/0398
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0398
13
reference_url http://www.vupen.com/english/advisories/2011/0773
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0773
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=678897
reference_id 678897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=678897
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:1\:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:debian:shadow:1\:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:shadow:1\:4.1.4:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0721
reference_id CVE-2011-0721
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2011-0721
17
reference_url https://security.gentoo.org/glsa/201412-09
reference_id GLSA-201412-09
reference_type
scores
url https://security.gentoo.org/glsa/201412-09
18
reference_url https://usn.ubuntu.com/1065-1/
reference_id USN-1065-1
reference_type
scores
url https://usn.ubuntu.com/1065-1/
fixed_packages
0
url pkg:deb/debian/shadow@1:4.1.4.2%2Bsvn3283-3?distro=trixie
purl pkg:deb/debian/shadow@1:4.1.4.2%2Bsvn3283-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.1.4.2%252Bsvn3283-3%3Fdistro=trixie
1
url pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.8.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-shuq-ufcc-ruf5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.8.1-1%3Fdistro=trixie
2
url pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/shadow@1:4.13%2Bdfsg1-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.13%252Bdfsg1-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.17.4-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.17.4-2%3Fdistro=trixie
4
url pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie
5
url pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
purl pkg:deb/debian/shadow@1:4.19.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-2%3Fdistro=trixie
aliases CVE-2011-0721
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbq9-jt94-ckhd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/shadow@1:4.19.3-1%3Fdistro=trixie