{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","type":"deb","namespace":"debian","name":"sendmail","version":"8.15.2-22+deb11u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"8.16.1-2","latest_non_vulnerable_version":"8.18.2-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9786?format=json","vulnerability_id":"VCID-t3yw-8rhv-jyer","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3618","reference_id":"","reference_type":"","scores":[{"value":"0.00615","scoring_system":"epss","scoring_elements":"0.70392","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975623","reference_id":"1975623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975623"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328","reference_id":"991328","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329","reference_id":"991329","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331","reference_id":"991331","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331"},{"reference_url":"https://security.archlinux.org/AVG-2101","reference_id":"AVG-2101","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2101"},{"reference_url":"https://security.archlinux.org/AVG-2102","reference_id":"AVG-2102","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2102"},{"reference_url":"https://security.archlinux.org/AVG-2103","reference_id":"AVG-2103","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2103"},{"reference_url":"https://usn.ubuntu.com/5371-1/","reference_id":"USN-5371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-1/"},{"reference_url":"https://usn.ubuntu.com/5371-2/","reference_id":"USN-5371-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5371-2/"},{"reference_url":"https://usn.ubuntu.com/6379-1/","reference_id":"USN-6379-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6379-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103716?format=json","purl":"pkg:deb/debian/sendmail@8.16.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.16.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3618"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3yw-8rhv-jyer"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219082?format=json","vulnerability_id":"VCID-24zb-tvne-kkde","summary":"Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact.  NOTE: this might overlap CVE-1999-0129.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-1999-1592","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60728","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-1999-1592"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103695?format=json","purl":"pkg:deb/debian/sendmail@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-1999-1592"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24zb-tvne-kkde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180831?format=json","vulnerability_id":"VCID-3n2c-5aem-c7ah","summary":"An error in the hostname matching in sendmail might enable remote\n    attackers to conduct man-in-the-middle attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4565","reference_id":"","reference_type":"","scores":[{"value":"0.00771","scoring_system":"epss","scoring_elements":"0.73979","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=552622","reference_id":"552622","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=552622"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581","reference_id":"564581","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581"},{"reference_url":"https://security.gentoo.org/glsa/201206-30","reference_id":"GLSA-201206-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0237","reference_id":"RHSA-2010:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0262","reference_id":"RHSA-2011:0262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0262"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103714?format=json","purl":"pkg:deb/debian/sendmail@8.14.3-9.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.3-9.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2009-4565"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3n2c-5aem-c7ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178679?format=json","vulnerability_id":"VCID-5ey3-wz7c-a3e2","summary":"A vulnerability in sendmail could allow a local attacker to obtain\n    sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3956","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1102174","reference_id":"1102174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1102174"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562","reference_id":"750562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562"},{"reference_url":"https://security.gentoo.org/glsa/201412-32","reference_id":"GLSA-201412-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103715?format=json","purl":"pkg:deb/debian/sendmail@8.14.4-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.4-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2014-3956"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ey3-wz7c-a3e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199516?format=json","vulnerability_id":"VCID-6cqy-tnpc-eqdj","summary":"The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0161.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0161","reference_id":"","reference_type":"","scores":[{"value":"0.60086","scoring_system":"epss","scoring_elements":"0.98304","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0161"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616990","reference_id":"1616990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:120","reference_id":"RHSA-2003:120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:121","reference_id":"RHSA-2003:121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:227","reference_id":"RHSA-2003:227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103705?format=json","purl":"pkg:deb/debian/sendmail@8.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2003-0161"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cqy-tnpc-eqdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199387?format=json","vulnerability_id":"VCID-9mq5-eka9-cudb","summary":"Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0906","reference_id":"","reference_type":"","scores":[{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90457","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0906"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103700?format=json","purl":"pkg:deb/debian/sendmail@8.12.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2002-0906"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mq5-eka9-cudb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182147?format=json","vulnerability_id":"VCID-anys-rpnw-1yer","summary":"Sendmail is vulnerable to a race condition which could lead to the\n    execution of arbitrary code with sendmail privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0058","reference_id":"","reference_type":"","scores":[{"value":"0.5899","scoring_system":"epss","scoring_elements":"0.98264","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0058"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617872","reference_id":"1617872","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617872"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440","reference_id":"358440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440"},{"reference_url":"https://security.gentoo.org/glsa/200603-21","reference_id":"GLSA-200603-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0264","reference_id":"RHSA-2006:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0265","reference_id":"RHSA-2006:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103710?format=json","purl":"pkg:deb/debian/sendmail@8.13.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-0058"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-anys-rpnw-1yer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184663?format=json","vulnerability_id":"VCID-bays-72wj-hqbr","summary":"Faulty multipart MIME messages can cause forked Sendmail processes to\n    crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1173","reference_id":"","reference_type":"","scores":[{"value":"0.21456","scoring_system":"epss","scoring_elements":"0.95835","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1173"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618028","reference_id":"1618028","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618028"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801","reference_id":"373801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801"},{"reference_url":"https://security.gentoo.org/glsa/200606-19","reference_id":"GLSA-200606-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200606-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0515","reference_id":"RHSA-2006:0515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0515"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103711?format=json","purl":"pkg:deb/debian/sendmail@8.13.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-1173"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bays-72wj-hqbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219083?format=json","vulnerability_id":"VCID-bfn2-1tyx-a3h7","summary":"The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7175.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7175.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7175","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47833","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7175"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=172352","reference_id":"172352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=172352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103695?format=json","purl":"pkg:deb/debian/sendmail@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-7175"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfn2-1tyx-a3h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219084?format=json","vulnerability_id":"VCID-d6nb-v867-8bbv","summary":"The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the \"localhost.localdomain\" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7176.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7176.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7176","reference_id":"","reference_type":"","scores":[{"value":"0.00757","scoring_system":"epss","scoring_elements":"0.73736","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7176"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=238540","reference_id":"238540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=238540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0252","reference_id":"RHSA-2007:0252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0237","reference_id":"RHSA-2010:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103695?format=json","purl":"pkg:deb/debian/sendmail@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-7176"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6nb-v867-8bbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199583?format=json","vulnerability_id":"VCID-dbnv-bcj4-4fhb","summary":"A \"potential buffer overflow in ruleset parsing\" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0681.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0681.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0681","reference_id":"","reference_type":"","scores":[{"value":"0.12435","scoring_system":"epss","scoring_elements":"0.94065","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0681"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617062","reference_id":"1617062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:283","reference_id":"RHSA-2003:283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:283"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103707?format=json","purl":"pkg:deb/debian/sendmail@8.12.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2003-0681"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dbnv-bcj4-4fhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199420?format=json","vulnerability_id":"VCID-e2kw-253u-nkew","summary":"Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1337.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1337.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1337","reference_id":"","reference_type":"","scores":[{"value":"0.4275","scoring_system":"epss","scoring_elements":"0.9756","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1337"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616877","reference_id":"1616877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:073","reference_id":"RHSA-2003:073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:074","reference_id":"RHSA-2003:074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:227","reference_id":"RHSA-2003:227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103702?format=json","purl":"pkg:deb/debian/sendmail@8.13.0.PreAlpha4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.0.PreAlpha4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2002-1337"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2kw-253u-nkew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199743?format=json","vulnerability_id":"VCID-f9f3-wfyg-57dx","summary":"Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0833","reference_id":"","reference_type":"","scores":[{"value":"0.00664","scoring_system":"epss","scoring_elements":"0.71683","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0833"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103709?format=json","purl":"pkg:deb/debian/sendmail@8.13.1-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.1-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0833"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9f3-wfyg-57dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219081?format=json","vulnerability_id":"VCID-g5zd-4rpv-e7gb","summary":"SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-1999-1580","reference_id":"","reference_type":"","scores":[{"value":"0.00708","scoring_system":"epss","scoring_elements":"0.72654","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-1999-1580"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103695?format=json","purl":"pkg:deb/debian/sendmail@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-1999-1580"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5zd-4rpv-e7gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199589?format=json","vulnerability_id":"VCID-j5w3-ffyv-gucr","summary":"The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0694","reference_id":"","reference_type":"","scores":[{"value":"0.7608","scoring_system":"epss","scoring_elements":"0.98941","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617070","reference_id":"1617070","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:283","reference_id":"RHSA-2003:283","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:284","reference_id":"RHSA-2003:284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:284"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103707?format=json","purl":"pkg:deb/debian/sendmail@8.12.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2003-0694"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j5w3-ffyv-gucr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199536?format=json","vulnerability_id":"VCID-kehw-k7we-ebhh","summary":"The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0308","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19219","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0308"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103706?format=json","purl":"pkg:deb/debian/sendmail@8.12.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2003-0308"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kehw-k7we-ebhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199586?format=json","vulnerability_id":"VCID-m2gn-zuhd-rqan","summary":"The DNS map code in Sendmail 8.12.8 and earlier, when using the \"enhdnsbl\" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0688.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0688","reference_id":"","reference_type":"","scores":[{"value":"0.01711","scoring_system":"epss","scoring_elements":"0.82749","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0688"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617065","reference_id":"1617065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:265","reference_id":"RHSA-2003:265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103708?format=json","purl":"pkg:deb/debian/sendmail@8.12.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2003-0688"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2gn-zuhd-rqan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16163?format=json","vulnerability_id":"VCID-my4k-vy8f-sue2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51765","reference_id":"","reference_type":"","scores":[{"value":"0.00837","scoring_system":"epss","scoring_elements":"0.75102","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386","reference_id":"1059386","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255869","reference_id":"2255869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255869"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103718?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103717?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103719?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2023-51765"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-my4k-vy8f-sue2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199398?format=json","vulnerability_id":"VCID-nrtz-aj39-9fdt","summary":"Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) \"||\" sequences or (2) \"/\" characters, which are not properly filtered or verified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1165.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1165.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1165","reference_id":"","reference_type":"","scores":[{"value":"0.01137","scoring_system":"epss","scoring_elements":"0.78801","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616854","reference_id":"1616854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:259","reference_id":"RHSA-2002:259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:073","reference_id":"RHSA-2003:073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:227","reference_id":"RHSA-2003:227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103701?format=json","purl":"pkg:deb/debian/sendmail@8.12.3-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.3-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2002-1165"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrtz-aj39-9fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199463?format=json","vulnerability_id":"VCID-qp3q-k522-rudc","summary":"Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1827","reference_id":"","reference_type":"","scores":[{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73676","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103703?format=json","purl":"pkg:deb/debian/sendmail@8.12-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2002-1827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp3q-k522-rudc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200454?format=json","vulnerability_id":"VCID-qvzg-6wwh-vufm","summary":"Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long \"header line\", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying \"The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4434","reference_id":"","reference_type":"","scores":[{"value":"0.07028","scoring_system":"epss","scoring_elements":"0.91674","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054","reference_id":"385054","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103712?format=json","purl":"pkg:deb/debian/sendmail@8.13.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2006-4434"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qvzg-6wwh-vufm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201435?format=json","vulnerability_id":"VCID-sj5y-qv5y-8ba5","summary":"Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1490.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1490","reference_id":"","reference_type":"","scores":[{"value":"0.07785","scoring_system":"epss","scoring_elements":"0.92154","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=499252","reference_id":"499252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=499252"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103713?format=json","purl":"pkg:deb/debian/sendmail@8.13.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2009-1490"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sj5y-qv5y-8ba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11988?format=json","vulnerability_id":"VCID-th4d-9mgw-yubu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31256","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31758","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31256"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1204696","reference_id":"show_bug.cgi?id=1204696","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T19:11:41Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1204696"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103695?format=json","purl":"pkg:deb/debian/sendmail@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2022-31256"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-th4d-9mgw-yubu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199476?format=json","vulnerability_id":"VCID-ws35-dvrk-eyh2","summary":"Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2261","reference_id":"","reference_type":"","scores":[{"value":"0.00623","scoring_system":"epss","scoring_elements":"0.70624","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2261"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2261","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2261"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103704?format=json","purl":"pkg:deb/debian/sendmail@8.12.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103696?format=json","purl":"pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t3yw-8rhv-jyer"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103694?format=json","purl":"pkg:deb/debian/sendmail@8.17.1.9-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.17.1.9-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103699?format=json","purl":"pkg:deb/debian/sendmail@8.18.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103697?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103698?format=json","purl":"pkg:deb/debian/sendmail@8.18.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.18.2-2%3Fdistro=trixie"}],"aliases":["CVE-2002-2261"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ws35-dvrk-eyh2"}],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3%3Fdistro=trixie"}