{"url":"http://public2.vulnerablecode.io/api/packages/102087?format=json","purl":"pkg:deb/debian/reportbug@12.0.0?distro=trixie","type":"deb","namespace":"debian","name":"reportbug","version":"12.0.0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.8","latest_non_vulnerable_version":"13.2.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110500?format=json","vulnerability_id":"VCID-3sey-kp3d-6yfv","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0479","reference_id":"","reference_type":"","scores":[{"value":"0.0068","scoring_system":"epss","scoring_elements":"0.72073","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0479"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102092?format=json","purl":"pkg:deb/debian/reportbug@6.5.0%2Bnmu1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@6.5.0%252Bnmu1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102089?format=json","purl":"pkg:deb/debian/reportbug@7.10.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@7.10.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102087?format=json","purl":"pkg:deb/debian/reportbug@12.0.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@12.0.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102090?format=json","purl":"pkg:deb/debian/reportbug@13.2.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@13.2.0%3Fdistro=trixie"}],"aliases":["CVE-2014-0479"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3sey-kp3d-6yfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200020?format=json","vulnerability_id":"VCID-pr4h-wkes-4ybt","summary":"reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0625","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24078","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0625"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295407","reference_id":"295407","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102088?format=json","purl":"pkg:deb/debian/reportbug@3.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@3.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102089?format=json","purl":"pkg:deb/debian/reportbug@7.10.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@7.10.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102087?format=json","purl":"pkg:deb/debian/reportbug@12.0.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@12.0.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102090?format=json","purl":"pkg:deb/debian/reportbug@13.2.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@13.2.0%3Fdistro=trixie"}],"aliases":["CVE-2005-0625"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pr4h-wkes-4ybt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200019?format=json","vulnerability_id":"VCID-ujuy-p61n-jkbz","summary":"reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0624","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18648","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0624"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295407","reference_id":"295407","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102088?format=json","purl":"pkg:deb/debian/reportbug@3.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@3.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102089?format=json","purl":"pkg:deb/debian/reportbug@7.10.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@7.10.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102087?format=json","purl":"pkg:deb/debian/reportbug@12.0.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@12.0.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102090?format=json","purl":"pkg:deb/debian/reportbug@13.2.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@13.2.0%3Fdistro=trixie"}],"aliases":["CVE-2005-0624"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujuy-p61n-jkbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201034?format=json","vulnerability_id":"VCID-xc22-2szp-u3cw","summary":"Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2230","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47161","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2230"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484311","reference_id":"484311","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484311"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102091?format=json","purl":"pkg:deb/debian/reportbug@3.41?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@3.41%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102089?format=json","purl":"pkg:deb/debian/reportbug@7.10.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@7.10.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102087?format=json","purl":"pkg:deb/debian/reportbug@12.0.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@12.0.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102090?format=json","purl":"pkg:deb/debian/reportbug@13.2.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@13.2.0%3Fdistro=trixie"}],"aliases":["CVE-2008-2230"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xc22-2szp-u3cw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/reportbug@12.0.0%3Fdistro=trixie"}