Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/72128?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72128?format=api", "vulnerability_id": "VCID-wbym-cf79-rfd3", "summary": "Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a \"stack modification vulnerability.\"", "aliases": [ { "alias": "CVE-2006-4335" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5344?format=api", "purl": "pkg:deb/debian/gzip@1.3.5-15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15" }, { "url": "http://public2.vulnerablecode.io/api/packages/98243?format=api", "purl": "pkg:deb/debian/gzip@1.3.5-15?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-15%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98232?format=api", "purl": "pkg:deb/debian/gzip@1.10-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.10-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98230?format=api", "purl": "pkg:deb/debian/gzip@1.12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98233?format=api", "purl": "pkg:deb/debian/gzip@1.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/192714?format=api", "purl": "pkg:ebuild/app-arch/gzip@1.3.5-r9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-arch/gzip@1.3.5-r9" }, { "url": "http://public2.vulnerablecode.io/api/packages/505889?format=api", "purl": "pkg:ebuild/app-arch/lha@114i-r6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-arch/lha@114i-r6" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5339?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-27" }, { "url": "http://public2.vulnerablecode.io/api/packages/5340?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-28" }, { "url": "http://public2.vulnerablecode.io/api/packages/5341?format=api", "purl": "pkg:deb/debian/gzip@1.2.4-33.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.2.4-33.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5342?format=api", "purl": "pkg:deb/debian/gzip@1.3.2-3woody3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22yj-um9m-8bfa" }, { "vulnerability": "VCID-353d-d1cj-5ka9" }, { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-ahfm-5k5y-zqa6" }, { "vulnerability": "VCID-jq8f-p32j-pqbh" }, { "vulnerability": "VCID-nxe3-44cq-2ybe" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vb2n-e9k4-kfat" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.2-3woody3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5343?format=api", "purl": "pkg:deb/debian/gzip@1.3.5-10sarge2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-u3sv-pcka-gfea" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-vg3a-h2pv-xqab" }, { "vulnerability": "VCID-wbym-cf79-rfd3" }, { "vulnerability": "VCID-yep2-pmhw-bkgw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gzip@1.3.5-10sarge2" }, { "url": "http://public2.vulnerablecode.io/api/packages/187205?format=api", "purl": "pkg:rpm/redhat/gzip@1.3.3-13?arch=rhel3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-wbym-cf79-rfd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gzip@1.3.3-13%3Farch=rhel3" }, { "url": "http://public2.vulnerablecode.io/api/packages/187204?format=api", "purl": "pkg:rpm/redhat/gzip@1.3.3-16?arch=rhel4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ehy-my4r-qbbe" }, { "vulnerability": "VCID-9jab-xz6n-g3h6" }, { "vulnerability": "VCID-psqw-be2n-ufcn" }, { "vulnerability": "VCID-up3n-ccgt-c3e7" }, { "vulnerability": "VCID-wbym-cf79-rfd3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gzip@1.3.3-16%3Farch=rhel4" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4335.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4335.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03561", "scoring_system": "epss", "scoring_elements": "0.87914", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03561", "scoring_system": "epss", "scoring_elements": "0.87935", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03561", "scoring_system": "epss", "scoring_elements": "0.87939", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03561", "scoring_system": "epss", "scoring_elements": "0.87938", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03561", "scoring_system": "epss", "scoring_elements": "0.8794", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=220595", "reference_id": "220595", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=220595" }, { "reference_url": "https://security.gentoo.org/glsa/200609-13", "reference_id": "GLSA-200609-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200609-13" }, { "reference_url": "https://security.gentoo.org/glsa/200611-24", "reference_id": "GLSA-200611-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200611-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0667", "reference_id": "RHSA-2006:0667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0667" }, { "reference_url": "https://usn.ubuntu.com/349-1/", "reference_id": "USN-349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/349-1/" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wbym-cf79-rfd3" }