Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/99442?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "type": "deb", "namespace": "debian", "name": "inetutils", "version": "2:2.4-2+deb12u3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2:2.4-3", "latest_non_vulnerable_version": "2:2.8-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73722?format=api", "vulnerability_id": "VCID-4ke9-jwzb-q7hf", "summary": "The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56886", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40491" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476", "reference_id": "993476", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99455?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99453?format=api", "purl": "pkg:deb/debian/inetutils@2:2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-40491" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ke9-jwzb-q7hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73724?format=api", "vulnerability_id": "VCID-4u7r-qpkp-b3gd", "summary": "GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.", "references": [ { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365", "reference_id": "1049365", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99458?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99460?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-40303" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4u7r-qpkp-b3gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72438?format=api", "vulnerability_id": "VCID-53pj-pwxv-qqhv", "summary": "Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92585", "scoring_system": "epss", "scoring_elements": "0.99755", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=770325", "reference_id": "770325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=770325" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb", "reference_id": "CVE-2011-4862;OSVDB-78020", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c", "reference_id": "CVE-2011-4862;OSVDB-78020", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb", "reference_id": "CVE-2011-4862;OSVDB-78020", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201201-14", "reference_id": "GLSA-201201-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-14" }, { "reference_url": "https://security.gentoo.org/glsa/201202-05", "reference_id": "GLSA-201202-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201202-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1851", "reference_id": "RHSA-2011:1851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1852", "reference_id": "RHSA-2011:1852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1853", "reference_id": "RHSA-2011:1853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1854", "reference_id": "RHSA-2011:1854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1854" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99448?format=api", "purl": "pkg:deb/debian/inetutils@2:1.8-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.8-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4862" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53pj-pwxv-qqhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73726?format=api", "vulnerability_id": "VCID-6h3n-19b6-mqd4", "summary": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99463?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99467?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99466?format=api", "purl": "pkg:deb/debian/inetutils@2:2.7-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28372" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6h3n-19b6-mqd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73728?format=api", "vulnerability_id": "VCID-76sg-144a-hbfc", "summary": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.", "references": [ { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741", "reference_id": "1130741", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99463?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99469?format=api", "purl": "pkg:deb/debian/inetutils@2:2.7-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32772" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76sg-144a-hbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59256?format=api", "vulnerability_id": "VCID-f3v6-nfu3-4yes", "summary": "Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01636", "scoring_system": "epss", "scoring_elements": "0.82261", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1485" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99443?format=api", "purl": "pkg:deb/debian/inetutils@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1485" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3v6-nfu3-4yes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73719?format=api", "vulnerability_id": "VCID-g7dr-zw6q-4qbn", "summary": "Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72743", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2529" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=613819", "reference_id": "613819", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613819" }, { "reference_url": "https://security.gentoo.org/glsa/201412-08", "reference_id": "GLSA-201412-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99447?format=api", "purl": "pkg:deb/debian/inetutils@2:1.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2529" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g7dr-zw6q-4qbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73725?format=api", "vulnerability_id": "VCID-jz3v-jq7w-hqgx", "summary": "telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.", "references": [ { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047", "reference_id": "1126047", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52524.py", "reference_id": "CVE-2026-24061", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52524.py" }, { "reference_url": "https://security.gentoo.org/glsa/202601-01", "reference_id": "GLSA-202601-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202601-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99463?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99462?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99465?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99464?format=api", "purl": "pkg:deb/debian/inetutils@2:2.7-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-24061" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3v-jq7w-hqgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73727?format=api", "vulnerability_id": "VCID-maan-8v51-n3fp", "summary": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.", "references": [ { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742", "reference_id": "1130742", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52556.py", "reference_id": "CVE-2026-32746", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52556.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99463?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99468?format=api", "purl": "pkg:deb/debian/inetutils@2:2.7-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32746" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-maan-8v51-n3fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5502?format=api", "vulnerability_id": "VCID-sdae-zzg1-r3cq", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29719", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861", "reference_id": "945861", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861" }, { "reference_url": "https://security.archlinux.org/ASA-202106-20", "reference_id": "ASA-202106-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-20" }, { "reference_url": "https://security.archlinux.org/AVG-1003", "reference_id": "AVG-1003", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1003" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99451?format=api", "purl": "pkg:deb/debian/inetutils@2:1.9.4-11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-0053" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdae-zzg1-r3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5501?format=api", "vulnerability_id": "VCID-v5ku-1gf2-bycq", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92469", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811673", "reference_id": "1811673", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811673" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477", "reference_id": "953477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478", "reference_id": "953478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084", "reference_id": "956084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084" }, { "reference_url": "https://security.archlinux.org/ASA-202106-20", "reference_id": "ASA-202106-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-20" }, { "reference_url": "https://security.archlinux.org/AVG-1003", "reference_id": "AVG-1003", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1318", "reference_id": "RHSA-2020:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1334", "reference_id": "RHSA-2020:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1335", "reference_id": "RHSA-2020:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1342", "reference_id": "RHSA-2020:1342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1349", "reference_id": "RHSA-2020:1349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0011", "reference_id": "RHSA-2022:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0158", "reference_id": "RHSA-2022:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0158" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99452?format=api", "purl": "pkg:deb/debian/inetutils@2:1.9.4-12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-10188" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5ku-1gf2-bycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73723?format=api", "vulnerability_id": "VCID-xzea-av55-ykfg", "summary": "telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a \"telnet/tcp server failing (looping), service terminated\" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59053", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39028" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126045", "reference_id": "2126045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126045" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99455?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99456?format=api", "purl": "pkg:deb/debian/inetutils@2:2.3-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.3-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-39028" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzea-av55-ykfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73721?format=api", "vulnerability_id": "VCID-yk2c-4yjc-d3cw", "summary": "rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29383", "scoring_system": "epss", "scoring_elements": "0.96693", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1142373", "reference_id": "1142373", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1142373" }, { "reference_url": "https://security.gentoo.org/glsa/201412-35", "reference_id": "GLSA-201412-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1397", "reference_id": "RHSA-2014:1397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1654", "reference_id": "RHSA-2014:1654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1671", "reference_id": "RHSA-2014:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1671" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99449?format=api", "purl": "pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99444?format=api", "purl": "pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99442?format=api", "purl": "pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99446?format=api", "purl": "pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99445?format=api", "purl": "pkg:deb/debian/inetutils@2:2.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3634" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2c-4yjc-d3cw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie" }