{"url":"http://public2.vulnerablecode.io/api/packages/103650?format=json","purl":"pkg:deb/debian/sddm@0.11.0-2?distro=trixie","type":"deb","namespace":"debian","name":"sddm","version":"0.11.0-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.12.0-5","latest_non_vulnerable_version":"0.21.0+git20251101.dfa5315-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203557?format=json","vulnerability_id":"VCID-e615-73yk-4fbp","summary":"Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user \"sddm\" without authentication.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7271","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24979","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103650?format=json","purl":"pkg:deb/debian/sddm@0.11.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.11.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103651?format=json","purl":"pkg:deb/debian/sddm@0.19.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.19.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103649?format=json","purl":"pkg:deb/debian/sddm@0.19.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.19.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103653?format=json","purl":"pkg:deb/debian/sddm@0.21.0%2Bgit20250502.4fe234b-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.21.0%252Bgit20250502.4fe234b-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103652?format=json","purl":"pkg:deb/debian/sddm@0.21.0%2Bgit20251101.dfa5315-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.21.0%252Bgit20251101.dfa5315-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7271"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e615-73yk-4fbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203558?format=json","vulnerability_id":"VCID-w2bv-ahh8-3qbn","summary":"Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7272","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35243","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7272"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103650?format=json","purl":"pkg:deb/debian/sddm@0.11.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.11.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103651?format=json","purl":"pkg:deb/debian/sddm@0.19.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.19.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103649?format=json","purl":"pkg:deb/debian/sddm@0.19.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.19.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103653?format=json","purl":"pkg:deb/debian/sddm@0.21.0%2Bgit20250502.4fe234b-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.21.0%252Bgit20250502.4fe234b-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103652?format=json","purl":"pkg:deb/debian/sddm@0.21.0%2Bgit20251101.dfa5315-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.21.0%252Bgit20251101.dfa5315-1%3Fdistro=trixie"}],"aliases":["CVE-2014-7272"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2bv-ahh8-3qbn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sddm@0.11.0-2%3Fdistro=trixie"}