{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","type":"deb","namespace":"debian","name":"unzip","version":"6.0-29","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4293?format=json","vulnerability_id":"VCID-36nk-3nkw-7ubs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000035","reference_id":"","reference_type":"","scores":[{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98437","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537043","reference_id":"1537043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537043"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838","reference_id":"889838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://security.gentoo.org/glsa/202003-58","reference_id":"GLSA-202003-58","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-58"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106447?format=json","purl":"pkg:deb/debian/unzip@6.0-22?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-22%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000035"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36nk-3nkw-7ubs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200158?format=json","vulnerability_id":"VCID-58nu-wh1q-6ff3","summary":"Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2475","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2326","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617723","reference_id":"1617723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617723"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321927","reference_id":"321927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0203","reference_id":"RHSA-2007:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0203"},{"reference_url":"https://usn.ubuntu.com/191-1/","reference_id":"USN-191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/191-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106438?format=json","purl":"pkg:deb/debian/unzip@5.52-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-2475"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-58nu-wh1q-6ff3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113188?format=json","vulnerability_id":"VCID-5xtv-xppy-aufv","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8139","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.9314","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174844","reference_id":"1174844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174844"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106441?format=json","purl":"pkg:deb/debian/unzip@6.0-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8139"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xtv-xppy-aufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2205?format=json","vulnerability_id":"VCID-7pjv-a4tm-nbcy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9844","reference_id":"","reference_type":"","scores":[{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93132","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401864","reference_id":"1401864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486","reference_id":"847486","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106444?format=json","purl":"pkg:deb/debian/unzip@6.0-21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2016-9844"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pjv-a4tm-nbcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11122?format=json","vulnerability_id":"VCID-8vbc-9jh4-w3b9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0529.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0529","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4771","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355","reference_id":"1010355","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051402","reference_id":"2051402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051402"},{"reference_url":"https://security.gentoo.org/glsa/202310-17","reference_id":"GLSA-202310-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-17"},{"reference_url":"https://usn.ubuntu.com/5673-1/","reference_id":"USN-5673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106450?format=json","purl":"pkg:deb/debian/unzip@6.0-27?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-27%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2022-0529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vbc-9jh4-w3b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219227?format=json","vulnerability_id":"VCID-bggk-ynhz-rbhk","summary":"An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000033","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66972","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000033"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537062","reference_id":"1537062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106445?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000033"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bggk-ynhz-rbhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200018?format=json","vulnerability_id":"VCID-cc7j-u36s-afdq","summary":"Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0602.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0602","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34319","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0602"},{"reference_url":"https://usn.ubuntu.com/159-1/","reference_id":"USN-159-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/159-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106437?format=json","purl":"pkg:deb/debian/unzip@5.52-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-0602"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cc7j-u36s-afdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5114?format=json","vulnerability_id":"VCID-ehvb-rkmz-7yck","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18384","reference_id":"","reference_type":"","scores":[{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87342","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642931","reference_id":"1642931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642931"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741384","reference_id":"741384","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741384"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2159","reference_id":"RHSA-2019:2159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2159"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106448?format=json","purl":"pkg:deb/debian/unzip@6.0-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-18384"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehvb-rkmz-7yck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200268?format=json","vulnerability_id":"VCID-gabk-cubg-v7eb","summary":"Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument.  NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4667","reference_id":"","reference_type":"","scores":[{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87164","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617861","reference_id":"1617861","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617861"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349794","reference_id":"349794","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349794"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26913.c","reference_id":"CVE-2005-4667;OSVDB-22400","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26913.c"},{"reference_url":"https://www.securityfocus.com/bid/15968/info","reference_id":"CVE-2005-4667;OSVDB-22400","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/15968/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0203","reference_id":"RHSA-2007:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0203"},{"reference_url":"https://usn.ubuntu.com/248-1/","reference_id":"USN-248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106439?format=json","purl":"pkg:deb/debian/unzip@5.52-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-4667"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gabk-cubg-v7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219226?format=json","vulnerability_id":"VCID-kace-rc7d-8ff7","summary":"A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000032","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66961","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000032"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537055","reference_id":"1537055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537055"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106445?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000032"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kace-rc7d-8ff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6246?format=json","vulnerability_id":"VCID-knnh-mxja-37dy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13232","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15064","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727761","reference_id":"1727761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727761"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931433","reference_id":"931433","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931433"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://security.gentoo.org/glsa/202003-58","reference_id":"GLSA-202003-58","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-58"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1181","reference_id":"RHSA-2020:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1787","reference_id":"RHSA-2020:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2486","reference_id":"RHSA-2020:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2486"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106449?format=json","purl":"pkg:deb/debian/unzip@6.0-24?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-24%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2019-13232"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knnh-mxja-37dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119186?format=json","vulnerability_id":"VCID-kr7d-kc6s-zbea","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7696","reference_id":"","reference_type":"","scores":[{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97133","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944","reference_id":"1260944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802162","reference_id":"802162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802162"},{"reference_url":"https://usn.ubuntu.com/2788-1/","reference_id":"USN-2788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106446?format=json","purl":"pkg:deb/debian/unzip@6.0-19?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-19%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-7696"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kr7d-kc6s-zbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199533?format=json","vulnerability_id":"VCID-n7ve-3ezr-qqe9","summary":"Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a \"..\" sequence.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0282.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0282","reference_id":"","reference_type":"","scores":[{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.95789","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617015","reference_id":"1617015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617015"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22584.txt","reference_id":"CVE-2003-0282;OSVDB-2168","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22584.txt"},{"reference_url":"https://www.securityfocus.com/bid/7550/info","reference_id":"CVE-2003-0282;OSVDB-2168","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7550/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:199","reference_id":"RHSA-2003:199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:200","reference_id":"RHSA-2003:200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:218","reference_id":"RHSA-2003:218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:218"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106434?format=json","purl":"pkg:deb/debian/unzip@5.50-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.50-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2003-0282"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7ve-3ezr-qqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219228?format=json","vulnerability_id":"VCID-n834-xrt7-sufs","summary":"An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000034","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.5972","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000034"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543333","reference_id":"1543333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543333"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106445?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000034"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n834-xrt7-sufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184503?format=json","vulnerability_id":"VCID-qczf-gkz5-3ua4","summary":"A double free vulnerability discovered in UnZip might lead to the execution\n    of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0888","reference_id":"","reference_type":"","scores":[{"value":"0.16321","scoring_system":"epss","scoring_elements":"0.95004","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=431438","reference_id":"431438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=431438"},{"reference_url":"https://security.gentoo.org/glsa/200804-06","reference_id":"GLSA-200804-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0196","reference_id":"RHSA-2008:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0196"},{"reference_url":"https://usn.ubuntu.com/589-1/","reference_id":"USN-589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106440?format=json","purl":"pkg:deb/debian/unzip@5.52-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2008-0888"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qczf-gkz5-3ua4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11123?format=json","vulnerability_id":"VCID-s78w-beh4-g7cc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0530.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0530.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0530","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37014","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355","reference_id":"1010355","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051395","reference_id":"2051395","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051395"},{"reference_url":"https://security.gentoo.org/glsa/202310-17","reference_id":"GLSA-202310-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-17"},{"reference_url":"https://usn.ubuntu.com/5673-1/","reference_id":"USN-5673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106450?format=json","purl":"pkg:deb/debian/unzip@6.0-27?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-27%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2022-0530"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s78w-beh4-g7cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113191?format=json","vulnerability_id":"VCID-sv7x-aqed-ryep","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8141","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.9314","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174856","reference_id":"1174856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174856"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106442?format=json","purl":"pkg:deb/debian/unzip@6.0-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8141"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sv7x-aqed-ryep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/336?format=json","vulnerability_id":"VCID-tymx-rtgt-guaa","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9913","reference_id":"","reference_type":"","scores":[{"value":"0.0459","scoring_system":"epss","scoring_elements":"0.89473","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401865","reference_id":"1401865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401865"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485","reference_id":"847485","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106444?format=json","purl":"pkg:deb/debian/unzip@6.0-21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-9913"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tymx-rtgt-guaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119187?format=json","vulnerability_id":"VCID-v1em-k69v-wuh6","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7697","reference_id":"","reference_type":"","scores":[{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.97007","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944","reference_id":"1260944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802160","reference_id":"802160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802160"},{"reference_url":"https://usn.ubuntu.com/2788-1/","reference_id":"USN-2788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106446?format=json","purl":"pkg:deb/debian/unzip@6.0-19?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-19%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-7697"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1em-k69v-wuh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219224?format=json","vulnerability_id":"VCID-xkrq-2vuv-pyc5","summary":"Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1315","reference_id":"","reference_type":"","scores":[{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93457","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1315"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1192603","reference_id":"1192603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1192603"},{"reference_url":"https://usn.ubuntu.com/2502-1/","reference_id":"USN-2502-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2502-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106445?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-1315"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkrq-2vuv-pyc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113190?format=json","vulnerability_id":"VCID-xvr7-qmy3-j7df","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8140","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.9314","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174851","reference_id":"1174851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174851"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106442?format=json","purl":"pkg:deb/debian/unzip@6.0-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8140"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvr7-qmy3-j7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113916?format=json","vulnerability_id":"VCID-z4k5-mx78-sbdf","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9636","reference_id":"","reference_type":"","scores":[{"value":"0.58381","scoring_system":"epss","scoring_elements":"0.98236","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184985","reference_id":"1184985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184985"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589","reference_id":"776589","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2489-1/","reference_id":"USN-2489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106443?format=json","purl":"pkg:deb/debian/unzip@6.0-15?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-15%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-9636"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4k5-mx78-sbdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219225?format=json","vulnerability_id":"VCID-ztfs-99jn-w3g6","summary":"A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000031","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66961","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537059","reference_id":"1537059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106445?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106435?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106433?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106436?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000031"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztfs-99jn-w3g6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}