Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/72126?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72126?format=api", "vulnerability_id": "VCID-22yj-um9m-8bfa", "summary": "Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.", "aliases": [ { "alias": "CVE-2005-1228" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98239?format=api", "purl": "pkg:deb/debian/gzip@1.3.5-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/5343?format=api", "purl": "pkg:deb/debian/gzip@1.3.5-10sarge2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2" }, { "url": "http://public2.vulnerablecode.io/api/packages/98232?format=api", "purl": "pkg:deb/debian/gzip@1.10-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.10-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98230?format=api", "purl": "pkg:deb/debian/gzip@1.12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98233?format=api", "purl": "pkg:deb/debian/gzip@1.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.13-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5339?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-27" }, { "url": "http://public2.vulnerablecode.io/api/packages/5340?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-28" }, { "url": "http://public2.vulnerablecode.io/api/packages/5341?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-33.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-33.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5342?format=api", "purl": "pkg:deb/debian/gzip@1.3.2-3woody3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.2-3woody3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187526?format=api", "purl": "pkg:rpm/redhat/gzip@1.3.3-12?arch=rhel3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gzip@1.3.3-12%3Farch=rhel3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187527?format=api", "purl": "pkg:rpm/redhat/gzip@1.3.3-15?arch=rhel4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gzip@1.3.3-15%3Farch=rhel4" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-1228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04585", "scoring_system": "epss", "scoring_elements": "0.8941", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04585", "scoring_system": "epss", "scoring_elements": "0.89429", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04585", "scoring_system": "epss", "scoring_elements": "0.89428", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04585", "scoring_system": "epss", "scoring_elements": "0.89427", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-1228" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617616", "reference_id": "1617616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:357", "reference_id": "RHSA-2005:357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:357" }, { "reference_url": "https://usn.ubuntu.com/116-1/", "reference_id": "USN-116-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/116-1/" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22yj-um9m-8bfa" }