Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050551?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050551?format=api", "purl": "pkg:deb/debian/sendmail@8.8.8-20", "type": "deb", "namespace": "debian", "name": "sendmail", "version": "8.8.8-20", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.17.1.9-2+deb12u2", "latest_non_vulnerable_version": "8.17.1.9-2+deb12u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51302?format=api", "vulnerability_id": "VCID-3fjk-gqgc-3yhs", "summary": "Sendmail is vulnerable to a race condition which could lead to the\n execution of arbitrary code with sendmail privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.9821", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98217", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98218", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98223", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98225", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98231", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98232", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98233", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.98235", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.5899", "scoring_system": "epss", "scoring_elements": "0.9824", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617872", "reference_id": "1617872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617872" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440", "reference_id": "358440", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440" }, { "reference_url": "https://security.gentoo.org/glsa/200603-21", "reference_id": "GLSA-200603-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-21" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/2051.py", "reference_id": "OSVDB-24037;CVE-2006-0058", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/2051.py" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0264", "reference_id": "RHSA-2006:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0265", "reference_id": "RHSA-2006:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051872?format=api", "purl": "pkg:deb/debian/sendmail@8.13.8-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3" } ], "aliases": [ "CVE-2006-0058" ], "risk_score": 1.0, "exploitability": "2.0", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fjk-gqgc-3yhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88172?format=api", "vulnerability_id": "VCID-3k8z-tghq-cbdh", "summary": "sendmail: long first header can overflow into message body", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1490.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91948", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91966", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91965", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91984", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91982", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91977", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.9198", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07785", "scoring_system": "epss", "scoring_elements": "0.91991", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1490" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=499252", "reference_id": "499252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=499252" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32995.txt", "reference_id": "CVE-2009-1490;OSVDB-54669", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32995.txt" }, { "reference_url": "https://www.securityfocus.com/bid/34944/info", "reference_id": "CVE-2009-1490;OSVDB-54669", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/34944/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2009-1490" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3k8z-tghq-cbdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91027?format=api", "vulnerability_id": "VCID-7f7m-pgk8-jqff", "summary": "Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90208", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.9021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90243", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.9025", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90258", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90257", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90252", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90268", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90264", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90278", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90275", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05522", "scoring_system": "epss", "scoring_elements": "0.90287", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0906" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2002-0906" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7f7m-pgk8-jqff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89640?format=api", "vulnerability_id": "VCID-8g11-dp5v-yycj", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0688.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0688.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.8227", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82283", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82297", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82332", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82339", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82374", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82377", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82398", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82409", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82413", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01711", "scoring_system": "epss", "scoring_elements": "0.82432", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617065", "reference_id": "1617065", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:265", "reference_id": "RHSA-2003:265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2003-0688" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8g11-dp5v-yycj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89835?format=api", "vulnerability_id": "VCID-8g7g-jc7b-f3fd", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1165.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1165.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1165", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01137", "scoring_system": "epss", "scoring_elements": "0.7845", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01137", "scoring_system": "epss", "scoring_elements": "0.7848", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01137", "scoring_system": "epss", "scoring_elements": "0.78465", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81348", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81356", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81386", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81388", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01538", "scoring_system": "epss", "scoring_elements": "0.81411", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86334", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86344", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86316", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86315", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86287", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86297", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1165" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1165", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616854", "reference_id": "1616854", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616854" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/21884.txt", "reference_id": "CVE-2002-1165;OSVDB-9305", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/21884.txt" }, { "reference_url": "https://www.securityfocus.com/bid/5845/info", "reference_id": "CVE-2002-1165;OSVDB-9305", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/5845/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:259", "reference_id": "RHSA-2002:259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:073", "reference_id": "RHSA-2003:073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:227", "reference_id": "RHSA-2003:227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050553?format=api", "purl": "pkg:deb/debian/sendmail@8.12.3-7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-3k8z-tghq-cbdh" }, { "vulnerability": "VCID-7f7m-pgk8-jqff" }, { "vulnerability": "VCID-8g11-dp5v-yycj" }, { "vulnerability": "VCID-9kez-3pxn-k7gr" }, { "vulnerability": "VCID-axw2-9wxf-skes" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-fm43-r24t-h7ez" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-mngh-1224-uucj" }, { "vulnerability": "VCID-p9fa-ter1-3ker" }, { "vulnerability": "VCID-pmae-5146-27dt" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" }, { "vulnerability": "VCID-y9e6-ugss-hbc8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.3-7.1" } ], "aliases": [ "CVE-2002-1165" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8g7g-jc7b-f3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91206?format=api", "vulnerability_id": "VCID-9kez-3pxn-k7gr", "summary": "Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71149", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71159", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71151", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71229", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71215", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71252", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71282", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71289", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71293", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00664", "scoring_system": "epss", "scoring_elements": "0.71278", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0833" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2004-0833" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9kez-3pxn-k7gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89621?format=api", "vulnerability_id": "VCID-axw2-9wxf-skes", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98911", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98913", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98915", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.9892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98921", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98923", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98925", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98927", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98931", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98932", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.7608", "scoring_system": "epss", "scoring_elements": "0.98936", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617070", "reference_id": "1617070", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:283", "reference_id": "RHSA-2003:283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:284", "reference_id": "RHSA-2003:284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:284" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2003-0694" ], "risk_score": 1.4, "exploitability": "2.0", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-axw2-9wxf-skes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49053?format=api", "vulnerability_id": "VCID-dk9t-39dj-cud4", "summary": "An error in the hostname matching in sendmail might enable remote\n attackers to conduct man-in-the-middle attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73476", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73485", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73507", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73479", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73516", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73529", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73552", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73536", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73572", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73582", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73575", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73607", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73617", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73615", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73608", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=552622", "reference_id": "552622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=552622" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581", "reference_id": "564581", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564581" }, { "reference_url": "https://security.gentoo.org/glsa/201206-30", "reference_id": "GLSA-201206-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0237", "reference_id": "RHSA-2010:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0262", "reference_id": "RHSA-2011:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0262" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051875?format=api", "purl": "pkg:deb/debian/sendmail@8.14.3-9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.3-9.4" } ], "aliases": [ "CVE-2009-4565" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dk9t-39dj-cud4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90377?format=api", "vulnerability_id": "VCID-fgbr-mydh-7bhx", "summary": "Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long \"header line\", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying \"The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected.\"", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91437", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.9146", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91473", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91479", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91487", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91509", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91504", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91513", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91511", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07028", "scoring_system": "epss", "scoring_elements": "0.91522", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4434" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054", "reference_id": "385054", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385054" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051872?format=api", "purl": "pkg:deb/debian/sendmail@8.13.8-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3" } ], "aliases": [ "CVE-2006-4434" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgbr-mydh-7bhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89712?format=api", "vulnerability_id": "VCID-fm43-r24t-h7ez", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0161.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98574", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98577", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.9858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98582", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98584", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98585", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98589", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98593", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98597", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98598", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.986", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.67899", "scoring_system": "epss", "scoring_elements": "0.98604", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0161" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616990", "reference_id": "1616990", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616990" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22442.c", "reference_id": "CVE-2003-0161;OSVDB-8294", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22442.c" }, { "reference_url": "https://www.securityfocus.com/bid/7230/info", "reference_id": "CVE-2003-0161;OSVDB-8294", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/7230/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24.c", "reference_id": "OSVDB-8294;CVE-2003-0161", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:120", "reference_id": "RHSA-2003:120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:121", "reference_id": "RHSA-2003:121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:227", "reference_id": "RHSA-2003:227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2003-0161" ], "risk_score": 1.2, "exploitability": "2.0", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm43-r24t-h7ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41635?format=api", "vulnerability_id": "VCID-gycy-hbda-p3ht", "summary": "A vulnerability in sendmail could allow a local attacker to obtain\n sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23676", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23564", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23555", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23519", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27776", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2782", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27701", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2787", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27702", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2777", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102174", "reference_id": "1102174", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562", "reference_id": "750562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562" }, { "reference_url": "https://security.gentoo.org/glsa/201412-32", "reference_id": "GLSA-201412-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-32" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051877?format=api", "purl": "pkg:deb/debian/sendmail@8.14.4-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.14.4-8" } ], "aliases": [ "CVE-2014-3956" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gycy-hbda-p3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59761?format=api", "vulnerability_id": "VCID-m7np-crvq-p3dc", "summary": "Faulty multipart MIME messages can cause forked Sendmail processes to\n crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-1173.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1173", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95674", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95709", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95718", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95722", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95724", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95723", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.21456", "scoring_system": "epss", "scoring_elements": "0.95737", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1173" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618028", "reference_id": "1618028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618028" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801", "reference_id": "373801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373801" }, { "reference_url": "https://security.gentoo.org/glsa/200606-19", "reference_id": "GLSA-200606-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200606-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0515", "reference_id": "RHSA-2006:0515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0515" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051872?format=api", "purl": "pkg:deb/debian/sendmail@8.13.8-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.8-3" } ], "aliases": [ "CVE-2006-1173" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7np-crvq-p3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89736?format=api", "vulnerability_id": "VCID-mngh-1224-uucj", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1337.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51995", "scoring_system": "epss", "scoring_elements": "0.97927", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.51995", "scoring_system": "epss", "scoring_elements": "0.97921", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.51995", "scoring_system": "epss", "scoring_elements": "0.97922", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98007", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98009", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98003", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.97997", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.53948", "scoring_system": "epss", "scoring_elements": "0.98002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.55443", "scoring_system": "epss", "scoring_elements": "0.9809", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.56979", "scoring_system": "epss", "scoring_elements": "0.98144", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.69706", "scoring_system": "epss", "scoring_elements": "0.98654", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.69706", "scoring_system": "epss", "scoring_elements": "0.98651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.69706", "scoring_system": "epss", "scoring_elements": "0.9865", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1337" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616877", "reference_id": "1616877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616877" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22313.c", "reference_id": "CVE-2002-1337;OSVDB-4502", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22313.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22314.c", "reference_id": "CVE-2002-1337;OSVDB-4502", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22314.c" }, { "reference_url": "https://www.securityfocus.com/bid/6991/info", "reference_id": "CVE-2002-1337;OSVDB-4502", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/6991/info" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/411.c", "reference_id": "OSVDB-4502;CVE-2002-1337", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/411.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:073", "reference_id": "RHSA-2003:073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:074", "reference_id": "RHSA-2003:074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:227", "reference_id": "RHSA-2003:227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:227" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2002-1337" ], "risk_score": 1.2, "exploitability": "2.0", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mngh-1224-uucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91098?format=api", "vulnerability_id": "VCID-p9fa-ter1-3ker", "summary": "The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19027", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19162", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19064", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19023", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18925", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18938", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18948", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18776", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18656", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0308" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2003-0308" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9fa-ter1-3ker" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89620?format=api", "vulnerability_id": "VCID-pmae-5146-27dt", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0681.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93862", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93871", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.9388", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93883", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93892", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93896", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93921", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93926", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93928", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.9393", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93929", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.12435", "scoring_system": "epss", "scoring_elements": "0.93938", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-0681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0681" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617062", "reference_id": "1617062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617062" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23154.c", "reference_id": "CVE-2003-0681;OSVDB-2577", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23154.c" }, { "reference_url": "https://www.securityfocus.com/bid/8641/info", "reference_id": "CVE-2003-0681;OSVDB-2577", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/8641/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2003:283", "reference_id": "RHSA-2003:283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2003:283" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2003-0681" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmae-5146-27dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77892?format=api", "vulnerability_id": "VCID-qzm7-bmk8-9fgf", "summary": "sendmail: SMTP smuggling vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74609", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74636", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7461", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74641", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74655", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74658", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7465", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74687", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74695", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74686", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74722", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74728", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.7473", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00837", "scoring_system": "epss", "scoring_elements": "0.74735", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386", "reference_id": "1059386", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059386" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869", "reference_id": "2255869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051881?format=api", "purl": "pkg:deb/debian/sendmail@8.15.2-22%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u8aq-2qhu-gff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.15.2-22%252Bdeb11u3" } ], "aliases": [ "CVE-2023-51765" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzm7-bmk8-9fgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91065?format=api", "vulnerability_id": "VCID-rn5g-z7bd-6qbv", "summary": "Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.7317", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.7318", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73201", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73224", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.7323", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73223", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73266", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73275", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73268", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73302", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73314", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73308", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1827" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21476.c", "reference_id": "CVE-2002-1827;OSVDB-59769", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21476.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21477.c", "reference_id": "CVE-2002-1827;OSVDB-59769", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21477.c" }, { "reference_url": "https://www.securityfocus.com/bid/4822/info", "reference_id": "CVE-2002-1827;OSVDB-59769", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/4822/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050553?format=api", "purl": "pkg:deb/debian/sendmail@8.12.3-7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-3k8z-tghq-cbdh" }, { "vulnerability": "VCID-7f7m-pgk8-jqff" }, { "vulnerability": "VCID-8g11-dp5v-yycj" }, { "vulnerability": "VCID-9kez-3pxn-k7gr" }, { "vulnerability": "VCID-axw2-9wxf-skes" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-fm43-r24t-h7ez" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-mngh-1224-uucj" }, { "vulnerability": "VCID-p9fa-ter1-3ker" }, { "vulnerability": "VCID-pmae-5146-27dt" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" }, { "vulnerability": "VCID-y9e6-ugss-hbc8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.12.3-7.1" } ], "aliases": [ "CVE-2002-1827" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rn5g-z7bd-6qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91075?format=api", "vulnerability_id": "VCID-y9e6-ugss-hbc8", "summary": "Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2261", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69337", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69349", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69395", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69411", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69418", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69404", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69435", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69487", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69494", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.695", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69479", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2261" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2261", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2261" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050554?format=api", "purl": "pkg:deb/debian/sendmail@8.13.4-3sarge3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fjk-gqgc-3yhs" }, { "vulnerability": "VCID-dk9t-39dj-cud4" }, { "vulnerability": "VCID-fgbr-mydh-7bhx" }, { "vulnerability": "VCID-gycy-hbda-p3ht" }, { "vulnerability": "VCID-m7np-crvq-p3dc" }, { "vulnerability": "VCID-qzm7-bmk8-9fgf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.13.4-3sarge3" } ], "aliases": [ "CVE-2002-2261" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9e6-ugss-hbc8" } ], "fixing_vulnerabilities": [], "risk_score": "2.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/sendmail@8.8.8-20" }