{"url":"http://public2.vulnerablecode.io/api/packages/1035905?format=json","purl":"pkg:deb/debian/awstats@7.2%2Bdfsg-1","type":"deb","namespace":"debian","name":"awstats","version":"7.2+dfsg-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"7.8-3+deb12u2","latest_non_vulnerable_version":"8.0-5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96858?format=json","vulnerability_id":"VCID-6241-45ms-x3ec","summary":"AWStats 8.0 is vulnerable to Command Injection via the open function","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-63261","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1973","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19683","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19454","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20609","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20534","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2052","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20518","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23801","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23953","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23913","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23966","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24092","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-63261"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-63261","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-63261"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131878","reference_id":"1131878","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131878"},{"reference_url":"https://github.com/eldy/AWStats/blob/develop/wwwroot/cgi-bin/awstats.pl","reference_id":"awstats.pl","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T14:09:17Z/"}],"url":"https://github.com/eldy/AWStats/blob/develop/wwwroot/cgi-bin/awstats.pl"},{"reference_url":"https://pentest-tools.com/PTT-2025-021-Code-Execution-in-AWStats.pdf","reference_id":"PTT-2025-021-Code-Execution-in-AWStats.pdf","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-23T14:09:17Z/"}],"url":"https://pentest-tools.com/PTT-2025-021-Code-Execution-in-AWStats.pdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584427?format=json","purl":"pkg:deb/debian/awstats@7.8-3%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-3%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1054207?format=json","purl":"pkg:deb/debian/awstats@7.8-3%2Bdeb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-3%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1054208?format=json","purl":"pkg:deb/debian/awstats@7.9-1%2Bdeb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.9-1%252Bdeb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026207?format=json","purl":"pkg:deb/debian/awstats@8.0-5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@8.0-5"}],"aliases":["CVE-2025-63261"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6241-45ms-x3ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94571?format=json","vulnerability_id":"VCID-fxrv-1bju-qkgm","summary":"In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35176","reference_id":"","reference_type":"","scores":[{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76289","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76131","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76135","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76167","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76148","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7618","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76218","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76192","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76233","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7622","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76257","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76267","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7628","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35176"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977190","reference_id":"977190","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977190"},{"reference_url":"https://security.archlinux.org/ASA-202103-15","reference_id":"ASA-202103-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-15"},{"reference_url":"https://security.archlinux.org/AVG-1356","reference_id":"AVG-1356","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1356"},{"reference_url":"https://usn.ubuntu.com/4953-1/","reference_id":"USN-4953-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4953-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052114?format=json","purl":"pkg:deb/debian/awstats@7.8-2%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1"}],"aliases":["CVE-2020-35176"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxrv-1bju-qkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50243?format=json","vulnerability_id":"VCID-qabb-bgqe-afdd","summary":"Multiple vulnerabilities have been found in AWStats, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000501","reference_id":"","reference_type":"","scores":[{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91183","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.9117","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91086","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.911","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91109","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91121","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91135","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.9116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91163","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06548","scoring_system":"epss","scoring_elements":"0.91174","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000501"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000501","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000501"},{"reference_url":"https://github.com/eldy/awstats/commit/06c0ab29c1e5059d9e0279c6b64d573d619e1651","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eldy/awstats/commit/06c0ab29c1e5059d9e0279c6b64d573d619e1651"},{"reference_url":"https://github.com/eldy/awstats/commit/cf219843a74c951bf5986f3a7fffa3dcf99c3899","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/eldy/awstats/commit/cf219843a74c951bf5986f3a7fffa3dcf99c3899"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00012.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4092","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4092"},{"reference_url":"http://www.awstats.org/","reference_id":"","reference_type":"","scores":[],"url":"http://www.awstats.org/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885835","reference_id":"885835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885835"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000501","reference_id":"CVE-2017-1000501","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000501"},{"reference_url":"https://security.gentoo.org/glsa/202007-37","reference_id":"GLSA-202007-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-37"},{"reference_url":"https://usn.ubuntu.com/3518-1/","reference_id":"USN-3518-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3518-1/"},{"reference_url":"https://usn.ubuntu.com/4953-1/","reference_id":"USN-4953-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4953-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035906?format=json","purl":"pkg:deb/debian/awstats@7.2%2Bdfsg-1%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"},{"vulnerability":"VCID-fxrv-1bju-qkgm"},{"vulnerability":"VCID-qabb-bgqe-afdd"},{"vulnerability":"VCID-s1bj-dpp3-9ubt"},{"vulnerability":"VCID-vqyg-xfyk-h3e5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.2%252Bdfsg-1%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037617?format=json","purl":"pkg:deb/debian/awstats@7.6%2Bdfsg-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"},{"vulnerability":"VCID-fxrv-1bju-qkgm"},{"vulnerability":"VCID-qabb-bgqe-afdd"},{"vulnerability":"VCID-s1bj-dpp3-9ubt"},{"vulnerability":"VCID-vqyg-xfyk-h3e5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.6%252Bdfsg-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1052113?format=json","purl":"pkg:deb/debian/awstats@7.6%2Bdfsg-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"},{"vulnerability":"VCID-fxrv-1bju-qkgm"},{"vulnerability":"VCID-s1bj-dpp3-9ubt"},{"vulnerability":"VCID-vqyg-xfyk-h3e5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.6%252Bdfsg-2%252Bdeb10u1"}],"aliases":["CVE-2017-1000501"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qabb-bgqe-afdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95315?format=json","vulnerability_id":"VCID-s1bj-dpp3-9ubt","summary":"AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46391","reference_id":"","reference_type":"","scores":[{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76467","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76389","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76384","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76424","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.7643","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76414","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76447","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76454","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76339","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76385","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00952","scoring_system":"epss","scoring_elements":"0.76411","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46391"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025410","reference_id":"1025410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025410"},{"reference_url":"https://github.com/eldy/AWStats/pull/226","reference_id":"226","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:20:05Z/"}],"url":"https://github.com/eldy/AWStats/pull/226"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFYH4DE3COMI3LJCOQQXA4FWOABU6Z2/","reference_id":"GRFYH4DE3COMI3LJCOQQXA4FWOABU6Z2","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:20:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFYH4DE3COMI3LJCOQQXA4FWOABU6Z2/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:20:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYUZIFVB4N3NK4WGNHRNXZKJITCJBJX4/","reference_id":"MYUZIFVB4N3NK4WGNHRNXZKJITCJBJX4","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T15:20:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYUZIFVB4N3NK4WGNHRNXZKJITCJBJX4/"},{"reference_url":"https://usn.ubuntu.com/5899-1/","reference_id":"USN-5899-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5899-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052114?format=json","purl":"pkg:deb/debian/awstats@7.8-2%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1"}],"aliases":["CVE-2022-46391"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bj-dpp3-9ubt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94560?format=json","vulnerability_id":"VCID-vqyg-xfyk-h3e5","summary":"In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29600","reference_id":"","reference_type":"","scores":[{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.8464","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84654","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84699","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84719","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84713","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84735","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84736","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84765","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84774","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02292","scoring_system":"epss","scoring_elements":"0.84789","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-29600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29600"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891469","reference_id":"891469","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891469"},{"reference_url":"https://usn.ubuntu.com/4953-1/","reference_id":"USN-4953-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4953-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052114?format=json","purl":"pkg:deb/debian/awstats@7.8-2%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.8-2%252Bdeb11u1"}],"aliases":["CVE-2020-29600"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqyg-xfyk-h3e5"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92396?format=json","vulnerability_id":"VCID-kfb9-pts3-dffa","summary":"Unspecified vulnerability in awredir.pl in AWStats before 7.1 has unknown impact and attack vectors.","references":[{"reference_url":"http://awstats.sourceforge.net/docs/awstats_changelog.txt","reference_id":"","reference_type":"","scores":[],"url":"http://awstats.sourceforge.net/docs/awstats_changelog.txt"},{"reference_url":"http://openwall.com/lists/oss-security/2012/10/26/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2012/10/26/1"},{"reference_url":"http://openwall.com/lists/oss-security/2012/10/29/7","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2012/10/29/7"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4547","reference_id":"","reference_type":"","scores":[{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96819","published_at":"2026-05-05T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96766","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96775","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96781","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.9679","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96793","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96794","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.968","published_at":"2026-04-16T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96804","published_at":"2026-04-18T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96807","published_at":"2026-04-26T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96806","published_at":"2026-04-24T12:55:00Z"},{"value":"0.31657","scoring_system":"epss","scoring_elements":"0.96811","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4547"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79638","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79638"},{"reference_url":"http://www.securityfocus.com/bid/56280","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/56280"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:2.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:2.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.95:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:laurent_destailleur:awstats:6.95:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:laurent_destailleur:awstats:6.95:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4547","reference_id":"CVE-2012-4547","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035905?format=json","purl":"pkg:deb/debian/awstats@7.2%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6241-45ms-x3ec"},{"vulnerability":"VCID-fxrv-1bju-qkgm"},{"vulnerability":"VCID-qabb-bgqe-afdd"},{"vulnerability":"VCID-s1bj-dpp3-9ubt"},{"vulnerability":"VCID-vqyg-xfyk-h3e5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.2%252Bdfsg-1"}],"aliases":["CVE-2012-4547"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kfb9-pts3-dffa"}],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/awstats@7.2%252Bdfsg-1"}