Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1037101?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1037101?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u1~bpo8%2B1", "type": "deb", "namespace": "debian", "name": "exim4", "version": "4.89-2+deb9u1~bpo8+1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.96-15+deb12u9", "latest_non_vulnerable_version": "4.99.2-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45525?format=api", "vulnerability_id": "VCID-1ev3-fe86-93e3", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.83632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.83645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0201", "scoring_system": "epss", "scoring_elements": "0.8366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84344", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84366", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84369", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84395", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84405", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8441", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8443", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84472", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84471", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84489", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28022" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ev3-fe86-93e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45532?format=api", "vulnerability_id": "VCID-1kpw-zhj4-jfaz", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88286", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03938", "scoring_system": "epss", "scoring_elements": "0.88309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.8882", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88834", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0426", "scoring_system": "epss", "scoring_elements": "0.88808", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88931", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88867", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.8889", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88891", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88898", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88915", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88928", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.88922", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28026" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1kpw-zhj4-jfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45533?format=api", "vulnerability_id": "VCID-1tqm-3s38-fqcn", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17833", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17732", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17835", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17796", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17873", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18022", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17934", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17843", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17785", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17639", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21364", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21156", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2021-27216" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1tqm-3s38-fqcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48314?format=api", "vulnerability_id": "VCID-2qea-x4nk-zfba", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://exim.org/static/doc/security/CVE-2019-15846.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://exim.org/static/doc/security/CVE-2019-15846.txt" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98448", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98437", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98436", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98439", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.9844", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98443", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98444", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98447", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.63989", "scoring_system": "epss", "scoring_elements": "0.98446", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.9845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.9844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98443", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.6448", "scoring_system": "epss", "scoring_elements": "0.98445", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15846" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846" }, { "reference_url": "https://exim.org/static/doc/security/CVE-2019-15846.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exim.org/static/doc/security/CVE-2019-15846.txt" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/13", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Sep/13" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4517" }, { "reference_url": "https://www.kb.cert.org/vuls/id/672565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/672565" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/09/06/1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2019/09/06/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/07/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/07/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/07/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/08/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/08/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/09/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/09/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748397", "reference_id": "1748397", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748397" }, { "reference_url": "https://security.archlinux.org/ASA-201909-3", "reference_id": "ASA-201909-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201909-3" }, { "reference_url": "https://security.archlinux.org/AVG-1037", "reference_id": "AVG-1037", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1037" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15846", "reference_id": "CVE-2019-15846", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15846" }, { "reference_url": "https://security.gentoo.org/glsa/201909-06", "reference_id": "GLSA-201909-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-06" }, { "reference_url": "https://usn.ubuntu.com/4124-1/", "reference_id": "USN-4124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4124-1/" }, { "reference_url": "https://usn.ubuntu.com/4124-2/", "reference_id": "USN-4124-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4124-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037103?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2019-15846" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2qea-x4nk-zfba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45524?format=api", "vulnerability_id": "VCID-3z7r-efh2-tyf9", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05647", "scoring_system": "epss", "scoring_elements": "0.90422", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.05647", "scoring_system": "epss", "scoring_elements": "0.90428", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.05647", "scoring_system": "epss", "scoring_elements": "0.90419", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91075", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91085", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91109", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91123", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91118", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91133", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91148", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91111", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06476", "scoring_system": "epss", "scoring_elements": "0.91125", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07645", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28021" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3z7r-efh2-tyf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56931?format=api", "vulnerability_id": "VCID-55h7-dczu-rfhe", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98718", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98708", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98712", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98715", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98717", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98695", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98705", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.70686", "scoring_system": "epss", "scoring_elements": "0.98707", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.72904", "scoring_system": "epss", "scoring_elements": "0.98772", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.72904", "scoring_system": "epss", "scoring_elements": "0.98769", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241525", "reference_id": "2241525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241525" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1469/", "reference_id": "ZDI-23-1469", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-20T19:32:20Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1469/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2023-42115" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55h7-dczu-rfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57178?format=api", "vulnerability_id": "VCID-56xq-sgry-2uhd", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99407", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99408", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.9941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99411", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99414", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99412", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99413", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99415", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.86439", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6789" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789" }, { "reference_url": "http://www.securityfocus.com/bid/103049", "reference_id": "103049", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.securityfocus.com/bid/103049" }, { "reference_url": "http://www.securitytracker.com/id/1040461", "reference_id": "1040461", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.securitytracker.com/id/1040461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543268", "reference_id": "1543268", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543268" }, { "reference_url": "http://openwall.com/lists/oss-security/2018/02/10/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://openwall.com/lists/oss-security/2018/02/10/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/02/07/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2018/02/07/2" }, { "reference_url": "https://www.exploit-db.com/exploits/44571/", "reference_id": "44571", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.exploit-db.com/exploits/44571/" }, { "reference_url": "https://www.exploit-db.com/exploits/45671/", "reference_id": "45671", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.exploit-db.com/exploits/45671/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000", "reference_id": "890000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000" }, { "reference_url": "https://security.archlinux.org/ASA-201802-6", "reference_id": "ASA-201802-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201802-6" }, { "reference_url": "https://security.archlinux.org/AVG-608", "reference_id": "AVG-608", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-608" }, { "reference_url": "https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1", "reference_id": "cf3cd306062a08969c41a1cdd32c6855f1abecf1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py" }, { "reference_url": "https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588", "reference_id": "CVE-2018-6789", "reference_type": "exploit", "scores": [], "url": "https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588" }, { "reference_url": "https://exim.org/static/doc/security/CVE-2018-6789.txt", "reference_id": "CVE-2018-6789.txt", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://exim.org/static/doc/security/CVE-2018-6789.txt" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4110", "reference_id": "dsa-4110", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4110" }, { "reference_url": "http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html", "reference_id": "Exim-base64d-Buffer-Overflow.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html" }, { "reference_url": "https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/", "reference_id": "exim-off-by-one-RCE-exploiting-CVE-2018-6789-en", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html", "reference_id": "msg00009.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html" }, { "reference_url": "https://usn.ubuntu.com/3565-1/", "reference_id": "USN-3565-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/" } ], "url": "https://usn.ubuntu.com/3565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037103?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2018-6789" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56xq-sgry-2uhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56936?format=api", "vulnerability_id": "VCID-5e2k-ure4-wfdf", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91671", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91765", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91758", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91757", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91686", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91698", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91705", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91707", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91728", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91722", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91725", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91723", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91736", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0735", "scoring_system": "epss", "scoring_elements": "0.91748", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241531", "reference_id": "2241531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241531" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6455-1/", "reference_id": "USN-6455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6455-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1471/", "reference_id": "ZDI-23-1471", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T16:58:53Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1471/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051552?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7" } ], "aliases": [ "CVE-2023-42117" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2k-ure4-wfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45527?format=api", "vulnerability_id": "VCID-69es-qatu-uub2", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87549", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03499", "scoring_system": "epss", "scoring_elements": "0.87572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88068", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88071", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88086", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88083", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88101", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88106", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88105", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88116", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88132", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88145", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88143", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88156", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03787", "scoring_system": "epss", "scoring_elements": "0.88063", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28023" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69es-qatu-uub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95201?format=api", "vulnerability_id": "VCID-6dwr-t9kn-2yfn", "summary": "A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71193", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.7106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71042", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71096", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71133", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71141", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71145", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71127", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71166", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71203", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71002", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.7102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.70994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71052", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71075", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559" }, { "reference_url": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2", "reference_id": "4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/", "reference_id": "EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/" }, { "reference_url": "https://vuldb.com/?id.211073", "reference_id": "?id.211073", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://vuldb.com/?id.211073" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2915", "reference_id": "show_bug.cgi?id=2915", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=2915" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/", "reference_id": "TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/" }, { "reference_url": "https://usn.ubuntu.com/5741-1/", "reference_id": "USN-5741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5741-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/", "reference_id": "WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051552?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7" } ], "aliases": [ "CVE-2022-3559" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwr-t9kn-2yfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45520?format=api", "vulnerability_id": "VCID-7vuu-yzmu-duew", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87041", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87035", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87052", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87056", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87033", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03214", "scoring_system": "epss", "scoring_elements": "0.87046", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87432", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0344", "scoring_system": "epss", "scoring_elements": "0.87455", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.88014", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87955", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87962", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.87988", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.88004", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03683", "scoring_system": "epss", "scoring_elements": "0.88001", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vuu-yzmu-duew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45530?format=api", "vulnerability_id": "VCID-838e-pk6w-t3by", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.82004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.82026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01659", "scoring_system": "epss", "scoring_elements": "0.81992", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82786", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82782", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82821", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82846", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82855", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8286", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82879", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.829", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82921", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82919", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82934", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82742", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82768", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28025" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-838e-pk6w-t3by" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45517?format=api", "vulnerability_id": "VCID-87un-11ea-myhg", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3725", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37338", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3736", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37278", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37752", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3783", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37769", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37817", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37798", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37737", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37498", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37477", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37387", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42091", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42119", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.4203", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87un-11ea-myhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95233?format=api", "vulnerability_id": "VCID-92ug-3eae-tydc", "summary": "Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89315", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.8933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89351", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.8936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89367", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89382", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89386", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89389", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89398", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89416", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89429", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89428", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89438", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452" }, { "reference_url": "https://usn.ubuntu.com/5574-1/", "reference_id": "USN-5574-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5574-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2022-37452" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92ug-3eae-tydc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45510?format=api", "vulnerability_id": "VCID-avxe-yhcq-wudx", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.3857", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38545", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38619", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38632", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38546", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39091", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39046", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39101", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39072", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38988", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38779", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38756", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38668", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43599", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4351", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28007" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avxe-yhcq-wudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56210?format=api", "vulnerability_id": "VCID-bgxc-8scn-z7e8", "summary": "A vulnerability in Exim could allow a remote attacker to execute\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89816", "scoring_system": "epss", "scoring_elements": "0.99569", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99571", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.9957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.89905", "scoring_system": "epss", "scoring_elements": "0.99573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99591", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99582", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99583", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99584", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99585", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99586", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99588", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.9959", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.90019", "scoring_system": "epss", "scoring_elements": "0.99589", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16928" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2449", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=2449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928" }, { "reference_url": "https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f" }, { "reference_url": "https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/60", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://seclists.org/bugtraq/2019/Sep/60" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4536", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4536" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/28/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/09/28/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756930", "reference_id": "1756930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756930" }, { "reference_url": "https://security.archlinux.org/ASA-201910-1", "reference_id": "ASA-201910-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201910-1" }, { "reference_url": "https://security.archlinux.org/AVG-1038", "reference_id": "AVG-1038", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1038" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16928", "reference_id": "CVE-2019-16928", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16928" }, { "reference_url": "https://security.gentoo.org/glsa/202003-47", "reference_id": "GLSA-202003-47", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://security.gentoo.org/glsa/202003-47" }, { "reference_url": "https://usn.ubuntu.com/4141-1/", "reference_id": "USN-4141-1", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/" } ], "url": "https://usn.ubuntu.com/4141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2019-16928" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgxc-8scn-z7e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45515?format=api", "vulnerability_id": "VCID-bz4v-p82a-skgk", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34634", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34597", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34669", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34706", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34609", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35147", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35117", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35068", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34836", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34818", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39003", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28012" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bz4v-p82a-skgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57176?format=api", "vulnerability_id": "VCID-c9g9-ufem-9bgr", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.745", "scoring_system": "epss", "scoring_elements": "0.98839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98979", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98975", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98976", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98978", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.9896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98961", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98963", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98967", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.98968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.76925", "scoring_system": "epss", "scoring_elements": "0.9897", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16943" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=2199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944" }, { "reference_url": "https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde" }, { "reference_url": "https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4" }, { "reference_url": "https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944" }, { "reference_url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4053" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.securitytracker.com/id/1039872", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039872" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517680", "reference_id": "1517680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517680" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648", "reference_id": "882648", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16943", "reference_id": "CVE-2017-16943", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16943" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://usn.ubuntu.com/3493-1/", "reference_id": "USN-3493-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3493-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037102?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u3~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u3~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2017-16943" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9g9-ufem-9bgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45514?format=api", "vulnerability_id": "VCID-caau-2ury-hbbs", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35397", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35376", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35447", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35468", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35846", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3586", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3561", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35492", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39882", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28011" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-caau-2ury-hbbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56934?format=api", "vulnerability_id": "VCID-f998-369d-r3ds", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91234", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91362", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91354", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91352", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91263", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91277", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.9128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91304", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91314", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91328", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06734", "scoring_system": "epss", "scoring_elements": "0.91344", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241528", "reference_id": "2241528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241528" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1470/", "reference_id": "ZDI-23-1470", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T15:02:42Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1470/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2023-42116" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f998-369d-r3ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45511?format=api", "vulnerability_id": "VCID-kxtk-ybzc-eyfj", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29874", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29843", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29915", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29924", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29853", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30336", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.3037", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30373", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30329", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30296", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30278", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30234", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30169", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30053", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29978", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33848", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28008" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxtk-ybzc-eyfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94857?format=api", "vulnerability_id": "VCID-m8mt-ya9x-yqaq", "summary": "The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84593", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84382", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84397", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.8442", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84446", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84459", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84477", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84506", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84515", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84519", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84536", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84562", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84579", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02209", "scoring_system": "epss", "scoring_elements": "0.84576", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172", "reference_id": "992172", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172" }, { "reference_url": "https://security.archlinux.org/AVG-2272", "reference_id": "AVG-2272", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2272" }, { "reference_url": "https://usn.ubuntu.com/6881-1/", "reference_id": "USN-6881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6881-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051552?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7" } ], "aliases": [ "CVE-2021-38371" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mt-ya9x-yqaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45512?format=api", "vulnerability_id": "VCID-mssq-pkfp-fbhg", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39564", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39543", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39608", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39625", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39539", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39982", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40035", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40023", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40053", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39774", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.3976", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39674", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.4458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44488", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mssq-pkfp-fbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74998?format=api", "vulnerability_id": "VCID-mwem-kfpv-eqf2", "summary": "exim: exim: Incorrect parsing of multiline rfc2231 header filename", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98299", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98285", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98284", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98287", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98288", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98294", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98297", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.6031", "scoring_system": "epss", "scoring_elements": "0.98296", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.63532", "scoring_system": "epss", "scoring_elements": "0.98401", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98429", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98425", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.98426", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.63915", "scoring_system": "epss", "scoring_elements": "0.9842", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785", "reference_id": "1075785", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785" }, { "reference_url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b", "reference_id": "1b3209b0577a9327ebb076f3b32b8a159c253f7b", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295819", "reference_id": "2295819", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295819" }, { "reference_url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357", "reference_id": "6ce5c70cff8989418e05d01fd2a57703007a6357", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357" }, { "reference_url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3", "reference_id": "exim-4.98-RC2...exim-4.98-RC3", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3" }, { "reference_url": "https://www.rfc-editor.org/rfc/rfc2231.txt", "reference_id": "rfc2231.txt", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://www.rfc-editor.org/rfc/rfc2231.txt" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4", "reference_id": "show_bug.cgi?id=3099#c4", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/" } ], "url": "https://bugs.exim.org/show_bug.cgi?id=3099#c4" }, { "reference_url": "https://usn.ubuntu.com/6939-1/", "reference_id": "USN-6939-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6939-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2024-39929" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwem-kfpv-eqf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56938?format=api", "vulnerability_id": "VCID-puuy-w6ze-9kc7", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72637", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72808", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7282", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72783", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72654", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72671", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72684", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7269", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7268", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72722", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72725", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72767", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72776", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72772", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72765", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241542", "reference_id": "2241542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241542" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6455-1/", "reference_id": "USN-6455-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6455-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1473/", "reference_id": "ZDI-23-1473", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T16:29:47Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1473/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051552?format=api", "purl": "pkg:deb/debian/exim4@4.96-15%2Bdeb12u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7" } ], "aliases": [ "CVE-2023-42119" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-puuy-w6ze-9kc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45521?format=api", "vulnerability_id": "VCID-pzsv-7fee-1ugu", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98522", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98521", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98526", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98528", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.65912", "scoring_system": "epss", "scoring_elements": "0.98525", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.98927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.98928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76461", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99045", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99044", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.99041", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.78667", "scoring_system": "epss", "scoring_elements": "0.9904", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28018" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzsv-7fee-1ugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45513?format=api", "vulnerability_id": "VCID-qr4y-643y-dqdz", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31321", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31312", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31381", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31389", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31297", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31896", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31925", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31889", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31868", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31841", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31673", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31545", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31463", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35681", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28010" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qr4y-643y-dqdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56929?format=api", "vulnerability_id": "VCID-qupq-a4jw-bbhh", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.9437", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94357", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94364", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94289", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94306", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94307", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94308", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94323", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94328", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94327", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94331", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94336", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.13895", "scoring_system": "epss", "scoring_elements": "0.94345", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241538", "reference_id": "2241538", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241538" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6411-1/", "reference_id": "USN-6411-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6411-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1468/", "reference_id": "ZDI-23-1468", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-03T17:07:34Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1468/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2023-42114" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qupq-a4jw-bbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45523?format=api", "vulnerability_id": "VCID-qyqw-2gga-m3c6", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95423", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95408", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19796", "scoring_system": "epss", "scoring_elements": "0.95417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.9566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95662", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95663", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95664", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95679", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95682", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95687", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95694", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95698", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.9563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21063", "scoring_system": "epss", "scoring_elements": "0.95638", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020" }, { "reference_url": "https://security.archlinux.org/AVG-1912", "reference_id": "AVG-1912", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1912" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2020-28020" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qyqw-2gga-m3c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49994?format=api", "vulnerability_id": "VCID-raam-5am9-hbef", "summary": "A vulnerability in Exim could allow a remote attacker to execute\n arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.9988", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99879", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99881", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99877", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.93918", "scoring_system": "epss", "scoring_elements": "0.99876", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149" }, { "reference_url": "http://www.securityfocus.com/bid/108679", "reference_id": "108679", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.securityfocus.com/bid/108679" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715237", "reference_id": "1715237", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715237" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/05/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/05/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/05/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/06/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/26/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/26/4" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jun/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://seclists.org/bugtraq/2019/Jun/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/25/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/25/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/25/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/25/7" }, { "reference_url": "https://security.archlinux.org/AVG-982", "reference_id": "AVG-982", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-982" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt" }, { "reference_url": "https://lwn.net/Articles/790553/", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://lwn.net/Articles/790553/" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb", "reference_id": "CVE-2019-10149", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb" }, { "reference_url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt", "reference_id": "CVE-2019-10149.txt", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://www.exim.org/static/doc/security/CVE-2019-10149.txt" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4456", "reference_id": "dsa-4456", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4456" }, { "reference_url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html", "reference_id": "Exim-4.91-Local-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html", "reference_id": "Exim-4.91-Local-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html", "reference_id": "Exim-4.9.1-Remote-Command-Execution.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html" }, { "reference_url": "https://security.gentoo.org/glsa/201906-01", "reference_id": "GLSA-201906-01", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://security.gentoo.org/glsa/201906-01" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149", "reference_id": "show_bug.cgi?id=CVE-2019-10149", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149" }, { "reference_url": "https://usn.ubuntu.com/4010-1/", "reference_id": "USN-4010-1", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/" } ], "url": "https://usn.ubuntu.com/4010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037103?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2019-10149" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-raam-5am9-hbef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45519?format=api", "vulnerability_id": "VCID-rgkw-1sqv-d7hx", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35165", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35138", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35208", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35142", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35606", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35684", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35618", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35657", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35596", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35358", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35337", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39752", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39774", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39604", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgkw-1sqv-d7hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57177?format=api", "vulnerability_id": "VCID-rrea-52kb-3qf1", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2017/11/25/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/11/25/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98939", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98935", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98936", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98938", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98914", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98916", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98918", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9892", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98922", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98925", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98928", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.76031", "scoring_system": "epss", "scoring_elements": "0.98934", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944" }, { "reference_url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4053" }, { "reference_url": "https://www.exploit-db.com/exploits/43184/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43184/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/05/04/7" }, { "reference_url": "http://www.securitytracker.com/id/1039873", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517684", "reference_id": "1517684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517684" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671", "reference_id": "882671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://bugs.exim.org/show_bug.cgi?id=2201", "reference_id": "CVE-2017-16944", "reference_type": "exploit", "scores": [], "url": "https://bugs.exim.org/show_bug.cgi?id=2201" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt", "reference_id": "CVE-2017-16944", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16944", "reference_id": "CVE-2017-16944", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16944" }, { "reference_url": "https://security.gentoo.org/glsa/201803-01", "reference_id": "GLSA-201803-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-01" }, { "reference_url": "https://usn.ubuntu.com/3499-1/", "reference_id": "USN-3499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3499-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037102?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u3~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u3~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2017-16944" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrea-52kb-3qf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56939?format=api", "vulnerability_id": "VCID-stsb-pwen-87g7", "summary": "Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81921", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81944", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81955", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8199", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.81992", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82015", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82026", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82031", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8205", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.8207", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82096", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82092", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01642", "scoring_system": "epss", "scoring_elements": "0.82109", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387", "reference_id": "1059387", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387" }, { "reference_url": "https://security.gentoo.org/glsa/202402-18", "reference_id": "GLSA-202402-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-18" }, { "reference_url": "https://usn.ubuntu.com/6611-1/", "reference_id": "USN-6611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6611-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2023-51766" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-stsb-pwen-87g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45522?format=api", "vulnerability_id": "VCID-swer-ztd6-nkga", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82115", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01682", "scoring_system": "epss", "scoring_elements": "0.82149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82889", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.8288", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.8292", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82922", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82942", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82952", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82957", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82977", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82998", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83018", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83034", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.82866", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28019" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swer-ztd6-nkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45516?format=api", "vulnerability_id": "VCID-tpt6-ze4u-a7dt", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35397", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35376", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35447", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35468", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35846", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3586", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3561", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35492", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39882", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28013" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tpt6-ze4u-a7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79757?format=api", "vulnerability_id": "VCID-ujms-hna1-z7e6", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86383", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.864", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86963", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.8697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.86992", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.8699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87008", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87013", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87015", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87035", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87051", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87068", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87063", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.03185", "scoring_system": "epss", "scoring_elements": "0.87078", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836362", "reference_id": "1836362", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836362" }, { "reference_url": "https://usn.ubuntu.com/4366-1/", "reference_id": "USN-4366-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4366-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037103?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-12783" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujms-hna1-z7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45518?format=api", "vulnerability_id": "VCID-v1t8-y73h-vyee", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34634", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34597", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34669", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34706", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34609", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35147", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35117", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35068", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34836", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34818", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39003", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28015" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1t8-y73h-vyee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39285?format=api", "vulnerability_id": "VCID-x7cz-svaj-rkb5", "summary": "A vulnerability in Exim may allow local users to gain root\n privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54139", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54156", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54186", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5416", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54208", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.5422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54262", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54243", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54222", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54198", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54146", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54188", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54203", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54228", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457748", "reference_id": "1457748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457748" }, { "reference_url": "https://security.archlinux.org/ASA-201711-32", "reference_id": "ASA-201711-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-32" }, { "reference_url": "https://security.archlinux.org/AVG-518", "reference_id": "AVG-518", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-518" }, { "reference_url": "https://security.gentoo.org/glsa/201709-19", "reference_id": "GLSA-201709-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-19" }, { "reference_url": "https://usn.ubuntu.com/3322-1/", "reference_id": "USN-3322-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3322-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037102?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u3~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u3~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" } ], "aliases": [ "CVE-2017-1000369" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7cz-svaj-rkb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48312?format=api", "vulnerability_id": "VCID-yytq-tcvz-43dq", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19574", "scoring_system": "epss", "scoring_elements": "0.95463", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.19574", "scoring_system": "epss", "scoring_elements": "0.95459", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95424", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95443", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95448", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9545", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95459", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95464", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95468", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95469", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9547", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.9548", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95487", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95494", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.19865", "scoring_system": "epss", "scoring_elements": "0.95415", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731412", "reference_id": "1731412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731412" }, { "reference_url": "https://security.archlinux.org/ASA-201908-4", "reference_id": "ASA-201908-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-4" }, { "reference_url": "https://security.archlinux.org/AVG-1011", "reference_id": "AVG-1011", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1011" }, { "reference_url": "https://security.gentoo.org/glsa/201909-06", "reference_id": "GLSA-201909-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-06" }, { "reference_url": "https://usn.ubuntu.com/4075-1/", "reference_id": "USN-4075-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4075-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037103?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2019-13917" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yytq-tcvz-43dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45529?format=api", "vulnerability_id": "VCID-z51d-zdeq-suas", "summary": "Multiple vulnerabilities have been found in Exim, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88462", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04033", "scoring_system": "epss", "scoring_elements": "0.88446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88952", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88964", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88957", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.8897", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88968", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88981", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88989", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88996", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.89011", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.89021", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.89015", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.89025", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04361", "scoring_system": "epss", "scoring_elements": "0.88947", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026" }, { "reference_url": "https://security.archlinux.org/AVG-1911", "reference_id": "AVG-1911", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1911" }, { "reference_url": "https://security.gentoo.org/glsa/202105-01", "reference_id": "GLSA-202105-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-01" }, { "reference_url": "https://usn.ubuntu.com/4934-1/", "reference_id": "USN-4934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-1/" }, { "reference_url": "https://usn.ubuntu.com/4934-2/", "reference_id": "USN-4934-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4934-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037807?format=api", "purl": "pkg:deb/debian/exim4@4.92-8%2Bdeb10u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-8%252Bdeb10u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049399?format=api", "purl": "pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-gdsh-48ys-33ew" }, { "vulnerability": "VCID-huhp-241r-jbf6" }, { "vulnerability": "VCID-hy1a-tah2-27gq" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-ry9v-ge65-sqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28024" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z51d-zdeq-suas" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82810?format=api", "vulnerability_id": "VCID-85sn-frqr-wqc1", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9963", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8211", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82131", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82203", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82204", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82226", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82237", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.8224", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82256", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82277", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.823", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82296", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82312", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9963" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405322", "reference_id": "1405322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405322" }, { "reference_url": "https://security.archlinux.org/AVG-153", "reference_id": "AVG-153", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-153" }, { "reference_url": "https://usn.ubuntu.com/3164-1/", "reference_id": "USN-3164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3164-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036567?format=api", "purl": "pkg:deb/debian/exim4@4.84.2-2%2Bdeb8u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-85sn-frqr-wqc1" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-p285-6bu3-vuh5" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.84.2-2%252Bdeb8u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037101?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u1~bpo8%252B1" } ], "aliases": [ "CVE-2016-9963" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-85sn-frqr-wqc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62581?format=api", "vulnerability_id": "VCID-p285-6bu3-vuh5", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html" }, { "reference_url": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98148", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98144", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98147", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98114", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98117", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98121", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98122", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98126", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98131", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98137", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98139", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98136", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98138", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.9814", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.5677", "scoring_system": "epss", "scoring_elements": "0.98145", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.exploit-db.com/exploits/39535/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39535/" }, { "reference_url": "https://www.exploit-db.com/exploits/39549/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39549/" }, { "reference_url": "https://www.exploit-db.com/exploits/39702/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/39702/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3517", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3517" }, { "reference_url": "http://www.exim.org/static/doc/CVE-2016-1531.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exim.org/static/doc/CVE-2016-1531.txt" }, { "reference_url": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup" }, { "reference_url": "http://www.securitytracker.com/id/1035512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035512" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2933-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2933-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314293", "reference_id": "1314293", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314293" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*" }, { "reference_url": "http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb", "reference_id": "CVE-2016-1531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1531", "reference_id": "CVE-2016-1531", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1531" }, { "reference_url": "https://usn.ubuntu.com/2933-1/", "reference_id": "USN-2933-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2933-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571918?format=api", "purl": "pkg:deb/debian/exim4@4.80-7%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-85sn-frqr-wqc1" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-p285-6bu3-vuh5" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-teft-hqz3-7ubr" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-vykx-t8yc-tycc" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.80-7%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036567?format=api", "purl": "pkg:deb/debian/exim4@4.84.2-2%2Bdeb8u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-85sn-frqr-wqc1" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-p285-6bu3-vuh5" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.84.2-2%252Bdeb8u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037101?format=api", "purl": "pkg:deb/debian/exim4@4.89-2%2Bdeb9u1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ev3-fe86-93e3" }, { "vulnerability": "VCID-1kpw-zhj4-jfaz" }, { "vulnerability": "VCID-1tqm-3s38-fqcn" }, { "vulnerability": "VCID-2qea-x4nk-zfba" }, { "vulnerability": "VCID-3z7r-efh2-tyf9" }, { "vulnerability": "VCID-55h7-dczu-rfhe" }, { "vulnerability": "VCID-56xq-sgry-2uhd" }, { "vulnerability": "VCID-5e2k-ure4-wfdf" }, { "vulnerability": "VCID-69es-qatu-uub2" }, { "vulnerability": "VCID-6dwr-t9kn-2yfn" }, { "vulnerability": "VCID-7vuu-yzmu-duew" }, { "vulnerability": "VCID-838e-pk6w-t3by" }, { "vulnerability": "VCID-87un-11ea-myhg" }, { "vulnerability": "VCID-92ug-3eae-tydc" }, { "vulnerability": "VCID-avxe-yhcq-wudx" }, { "vulnerability": "VCID-bgxc-8scn-z7e8" }, { "vulnerability": "VCID-bz4v-p82a-skgk" }, { "vulnerability": "VCID-c9g9-ufem-9bgr" }, { "vulnerability": "VCID-caau-2ury-hbbs" }, { "vulnerability": "VCID-f998-369d-r3ds" }, { "vulnerability": "VCID-kxtk-ybzc-eyfj" }, { "vulnerability": "VCID-m8mt-ya9x-yqaq" }, { "vulnerability": "VCID-mssq-pkfp-fbhg" }, { "vulnerability": "VCID-mwem-kfpv-eqf2" }, { "vulnerability": "VCID-puuy-w6ze-9kc7" }, { "vulnerability": "VCID-pzsv-7fee-1ugu" }, { "vulnerability": "VCID-qr4y-643y-dqdz" }, { "vulnerability": "VCID-qupq-a4jw-bbhh" }, { "vulnerability": "VCID-qyqw-2gga-m3c6" }, { "vulnerability": "VCID-raam-5am9-hbef" }, { "vulnerability": "VCID-rgkw-1sqv-d7hx" }, { "vulnerability": "VCID-rrea-52kb-3qf1" }, { "vulnerability": "VCID-stsb-pwen-87g7" }, { "vulnerability": "VCID-swer-ztd6-nkga" }, { "vulnerability": "VCID-tpt6-ze4u-a7dt" }, { "vulnerability": "VCID-ujms-hna1-z7e6" }, { "vulnerability": "VCID-v1t8-y73h-vyee" }, { "vulnerability": "VCID-x7cz-svaj-rkb5" }, { "vulnerability": "VCID-yytq-tcvz-43dq" }, { "vulnerability": "VCID-z51d-zdeq-suas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u1~bpo8%252B1" } ], "aliases": [ "CVE-2016-1531" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p285-6bu3-vuh5" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-2%252Bdeb9u1~bpo8%252B1" }