{"url":"http://public2.vulnerablecode.io/api/packages/105094?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-2?distro=trixie","type":"deb","namespace":"debian","name":"tcc","version":"0.9.27+git20200814.62c30a4a-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207547?format=json","vulnerability_id":"VCID-dzsd-6nh2-bub4","summary":"An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 1 byte out of bounds write in the end_macro function in tccpp.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9754","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37352","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37529","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37553","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37539","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9754"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925127","reference_id":"925127","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105092?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105094?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-2%3Fdistro=trixie"}],"aliases":["CVE-2019-9754"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzsd-6nh2-bub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200318?format=json","vulnerability_id":"VCID-f8y2-bwz2-q7bz","summary":"Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the \"i>sizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0635","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20639","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20814","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20834","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20812","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0635"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352202","reference_id":"352202","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=352202"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105093?format=json","purl":"pkg:deb/debian/tcc@0.9.24~cvs20070502-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.24~cvs20070502-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105092?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105094?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-2%3Fdistro=trixie"}],"aliases":["CVE-2006-0635"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8y2-bwz2-q7bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206746?format=json","vulnerability_id":"VCID-v6zg-b2pt-u3d5","summary":"An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to a one-byte out-of-bounds write in the gsym_addr function in x86_64-gen.c. This occurs because tccasm.c mishandles section switches.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12495","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40325","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40493","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40516","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40504","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12495"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929872","reference_id":"929872","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/105092?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/105094?format=json","purl":"pkg:deb/debian/tcc@0.9.27%2Bgit20200814.62c30a4a-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-2%3Fdistro=trixie"}],"aliases":["CVE-2019-12495"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6zg-b2pt-u3d5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcc@0.9.27%252Bgit20200814.62c30a4a-2%3Fdistro=trixie"}