{"url":"http://public2.vulnerablecode.io/api/packages/101408?format=json","purl":"pkg:deb/debian/qemu@0.9.1%2Bsvn20081101-1?distro=trixie","type":"deb","namespace":"debian","name":"qemu","version":"0.9.1+svn20081101-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.9.1+svn20081207-1","latest_non_vulnerable_version":"1:11.0.1+ds-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201153?format=json","vulnerability_id":"VCID-bzsf-h612-rfhk","summary":"Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX \"bitblt\" heap overflow.  NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4539.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4539","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15284","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15418","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15426","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15393","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4539"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=466890","reference_id":"466890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=466890"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526040","reference_id":"526040","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526040"},{"reference_url":"https://usn.ubuntu.com/776-1/","reference_id":"USN-776-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/776-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101408?format=json","purl":"pkg:deb/debian/qemu@0.9.1%2Bsvn20081101-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@0.9.1%252Bsvn20081101-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101400?format=json","purl":"pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ge6-kys6-3be9"},{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-7axm-aanq-tqa6"},{"vulnerability":"VCID-8c1p-17pk-ukd4"},{"vulnerability":"VCID-8tn2-j78e-mbb9"},{"vulnerability":"VCID-9yqp-m6x5-eyh1"},{"vulnerability":"VCID-e423-8d42-tkdh"},{"vulnerability":"VCID-hg1w-2ns9-mbat"},{"vulnerability":"VCID-nea8-qgt9-63fy"},{"vulnerability":"VCID-pvvb-hzkq-gbf7"},{"vulnerability":"VCID-q5b1-dkud-zya7"},{"vulnerability":"VCID-sx77-xz6p-5khh"},{"vulnerability":"VCID-w4gk-d65y-dqff"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-xck7-fkrx-zbd2"},{"vulnerability":"VCID-xfpp-7u4x-ybaj"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"},{"vulnerability":"VCID-zrcr-7xr9-k7bc"},{"vulnerability":"VCID-zw41-wzst-bbfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101398?format=json","purl":"pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-8tn2-j78e-mbb9"},{"vulnerability":"VCID-cxb5-ps1u-jkhx"},{"vulnerability":"VCID-ua92-uymv-rfdg"},{"vulnerability":"VCID-w4gk-d65y-dqff"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101403?format=json","purl":"pkg:deb/debian/qemu@1:10.0.8%2Bds-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4p3f-84d2-aqcu"},{"vulnerability":"VCID-5zan-9uk7-tkbj"},{"vulnerability":"VCID-6e19-9wsk-nye4"},{"vulnerability":"VCID-6xbd-6e4e-2kdx"},{"vulnerability":"VCID-81v2-tkvj-qqbe"},{"vulnerability":"VCID-c16z-ca8e-rkhu"},{"vulnerability":"VCID-cxb5-ps1u-jkhx"},{"vulnerability":"VCID-fqvy-zgea-b7d6"},{"vulnerability":"VCID-h3me-ktz3-c7dw"},{"vulnerability":"VCID-mkmq-psus-f3hs"},{"vulnerability":"VCID-msrv-b6b8-wqey"},{"vulnerability":"VCID-rgbz-jtuq-ffg7"},{"vulnerability":"VCID-sgd1-uzxs-5yh3"},{"vulnerability":"VCID-uw6e-53zw-9kf2"},{"vulnerability":"VCID-wwqb-f8kp-syer"},{"vulnerability":"VCID-wxhk-n1v2-dbaj"},{"vulnerability":"VCID-y2yz-9gr6-7uaz"},{"vulnerability":"VCID-yk76-q8un-b3ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.8%252Bds-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101401?format=json","purl":"pkg:deb/debian/qemu@1:11.0.0%2Bds-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6e19-9wsk-nye4"},{"vulnerability":"VCID-81v2-tkvj-qqbe"},{"vulnerability":"VCID-c16z-ca8e-rkhu"},{"vulnerability":"VCID-fqvy-zgea-b7d6"},{"vulnerability":"VCID-h3me-ktz3-c7dw"},{"vulnerability":"VCID-msrv-b6b8-wqey"},{"vulnerability":"VCID-sgd1-uzxs-5yh3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101402?format=json","purl":"pkg:deb/debian/qemu@1:11.0.1%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.1%252Bds-1%3Fdistro=trixie"}],"aliases":["CVE-2008-4539"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bzsf-h612-rfhk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@0.9.1%252Bsvn20081101-1%3Fdistro=trixie"}