Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1038142?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1038142?format=api", "purl": "pkg:deb/debian/firejail@0.9.44.8-2~bpo8%2B1", "type": "deb", "namespace": "debian", "name": "firejail", "version": "0.9.44.8-2~bpo8+1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.9.64.4-2+deb11u1", "latest_non_vulnerable_version": "0.9.64.4-2+deb11u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37081?format=api", "vulnerability_id": "VCID-56sf-yfk6-1key", "summary": "A vulnerability was discovered in Firejail which may allow local\n attackers to gain root privileges.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15774", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.157", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15751", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15718", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15683", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15618", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15545", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15554", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15604", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15647", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15644", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15587", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15458", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15578", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15681", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1566", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15701", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26910" }, { "reference_url": "https://security.archlinux.org/ASA-202102-26", "reference_id": "ASA-202102-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-26" }, { "reference_url": "https://security.archlinux.org/AVG-1545", "reference_id": "AVG-1545", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1545" }, { "reference_url": "https://security.gentoo.org/glsa/202105-19", "reference_id": "GLSA-202105-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-19" }, { "reference_url": "https://usn.ubuntu.com/5141-1/", "reference_id": "USN-5141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051132?format=api", "purl": "pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.64.4-2%252Bdeb11u1" } ], "aliases": [ "CVE-2021-26910" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56sf-yfk6-1key" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42598?format=api", "vulnerability_id": "VCID-9auq-b7rs-5fe2", "summary": "A vulnerability has been discovered in Firejail which could result in local root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21585", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21644", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21618", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21558", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21536", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21389", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21387", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21372", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21306", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21374", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21461", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21456", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21528", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31214" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012510", "reference_id": "1012510", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012510" }, { "reference_url": "https://security.gentoo.org/glsa/202305-19", "reference_id": "GLSA-202305-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051132?format=api", "purl": "pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.64.4-2%252Bdeb11u1" } ], "aliases": [ "CVE-2022-31214" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9auq-b7rs-5fe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56585?format=api", "vulnerability_id": "VCID-eud3-k24q-6ber", "summary": "Multiple vulnerabilities have been found in Firejail, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89064", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89073", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.8909", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89108", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89113", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89124", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.8912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89132", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89128", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89146", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89152", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89157", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89164", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89181", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89192", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89188", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89198", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0449", "scoring_system": "epss", "scoring_elements": "0.89217", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828" }, { "reference_url": "https://security.gentoo.org/glsa/202101-02", "reference_id": "GLSA-202101-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051132?format=api", "purl": "pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.64.4-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-17368" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eud3-k24q-6ber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93944?format=api", "vulnerability_id": "VCID-j4ay-sffd-zbat", "summary": "Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) needs to be started as root, and it also needs to be terminated as root from the host (either by stopping it ungracefully (e.g., SIGKILL), or by using the --shutdown control command). This is similar to CVE-2019-5736.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.79761", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.79785", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.79802", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.79797", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.79812", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01291", "scoring_system": "epss", "scoring_elements": "0.7985", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80026", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.79966", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80075", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.8008", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80096", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80048", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.79973", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.79995", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.79985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01341", "scoring_system": "epss", "scoring_elements": "0.80022", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12499" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929733", "reference_id": "929733", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929733" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" } ], "aliases": [ "CVE-2019-12499" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4ay-sffd-zbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56584?format=api", "vulnerability_id": "VCID-uzv4-9xtx-ryhr", "summary": "Multiple vulnerabilities have been found in Firejail, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17367", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33197", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33324", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33356", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33232", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33265", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3327", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33246", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33223", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33186", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3304", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33023", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32947", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32834", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32903", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32943", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32853", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32879", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.32959", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828" }, { "reference_url": "https://security.gentoo.org/glsa/202101-02", "reference_id": "GLSA-202101-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051132?format=api", "purl": "pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.64.4-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-17367" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzv4-9xtx-ryhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93945?format=api", "vulnerability_id": "VCID-wr4q-yy27-7qar", "summary": "In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22273", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22357", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22435", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22403", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.2242", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22498", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.233", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23262", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23204", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23221", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23144", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22999", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22992", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22988", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23213", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23227", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23278", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12589" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12589" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929732", "reference_id": "929732", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929732" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038144?format=api", "purl": "pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-56sf-yfk6-1key" }, { "vulnerability": "VCID-9auq-b7rs-5fe2" }, { "vulnerability": "VCID-eud3-k24q-6ber" }, { "vulnerability": "VCID-uzv4-9xtx-ryhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3" } ], "aliases": [ "CVE-2019-12589" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr4q-yy27-7qar" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.44.8-2~bpo8%252B1" }