{"url":"http://public2.vulnerablecode.io/api/packages/101444?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.152-1?distro=trixie","type":"deb","namespace":"debian","name":"libconfig-model-perl","version":"2.152-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.155-1","latest_non_vulnerable_version":"2.162-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75726?format=json","vulnerability_id":"VCID-eaaj-1jbb-7qdt","summary":"lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0374","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12243","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12326","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12325","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1229","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12207","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12221","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101445?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.097-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.097-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101446?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.141-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.141-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101444?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.152-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.152-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101448?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.155-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.155-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101447?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.162-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.162-1%3Fdistro=trixie"}],"aliases":["CVE-2017-0374"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaaj-1jbb-7qdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75725?format=json","vulnerability_id":"VCID-evw2-r6pj-3bd1","summary":"The gen_class_pod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model (aka libconfig-model-perl) before 2.102 has a dangerous \"use lib\" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0373","reference_id":"","reference_type":"","scores":[{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65809","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65862","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65873","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65859","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65849","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65867","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0373"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101445?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.097-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.097-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101446?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.141-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.141-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101444?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.152-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.152-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101448?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.155-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.155-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101447?format=json","purl":"pkg:deb/debian/libconfig-model-perl@2.162-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.162-1%3Fdistro=trixie"}],"aliases":["CVE-2017-0373"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evw2-r6pj-3bd1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libconfig-model-perl@2.152-1%3Fdistro=trixie"}